Please check my log

lavega
Visitor
Posts: 63
Registered: 28 Oct 2012 09:07

Re: Please check my log

#16 Post by lavega »

ComboFix 12-10-26.05 - 007 28.10.2012 11:27:33.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1253 [GMT 1:00]
Spuštěný z: C:\Documents and Settings\007\Plocha\Download\ComboFix.exe

/wow section - STAGE 3

/wow section - STAGE 4
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

/wow section - STAGE 48


((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))


C:\DOCUME~1\007\LOCALS~1\Temp\nsa39.tmp\newadvsplash.dll
C:\DOCUME~1\007\LOCALS~1\Temp\nsa39.tmp\System.dll
C:\DOCUME~1\007\LOCALS~1\Temp\nst3.tmp\newadvsplash.dll
C:\DOCUME~1\007\LOCALS~1\Temp\nst3.tmp\registry.dll
C:\Documents and Settings\007\Local Settings\Temp\nsa39.tmp\newadvsplash.dll
C:\Documents and Settings\007\Local Settings\Temp\nsa39.tmp\System.dll
C:\Documents and Settings\007\Local Settings\Temp\nst3.tmp\newadvsplash.dll
C:\Documents and Settings\007\Local Settings\Temp\nst3.tmp\registry.dll
C:\Documents and Settings\007\WINDOWS
C:\WINDOWS\msmqinst.log
C:\WINDOWS\system32\drivers\npf.sys
C:\WINDOWS\system32\Packet.dll
C:\WINDOWS\system32\pthreadVC.dll
C:\WINDOWS\system32\UNWISE.EXE
C:\WINDOWS\system32\WanPacket.dll
C:\WINDOWS\system32\wpcap.dll


((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF
-------\Service_NPF


((((((((((((((((((((((((( Soubory vytvořené od 2012-09-28 do 2012-10-28 )))))))))))))))))))))))))))))))


2012-10-28 09:29:23 . 2012-10-28 09:29:29 -------- d-----w- C:\rsit
2012-10-28 09:29:23 . 2012-10-28 09:29:27 -------- d-----w- C:\Program Files\trend micro
2012-10-28 09:11:35 . 2012-10-28 09:11:35 -------- d-----w- C:\_OTL
2012-10-27 08:57:08 . 2009-10-27 17:31:12 3982240 ----a-w- C:\WINDOWS\system32\Flash10d.ocx
2012-10-27 08:57:07 . 2012-10-27 08:57:08 -------- d-----w- C:\Program Files\StreamTransport
2012-10-26 18:30:04 . 2012-10-26 18:30:04 -------- d-----w- C:\Program Files\Common Files\Java
2012-10-26 18:29:58 . 2012-10-26 18:29:43 143872 ----a-w- C:\WINDOWS\system32\javacpl.cpl
2012-10-26 18:29:52 . 2012-10-26 18:29:44 93672 ----a-w- C:\WINDOWS\system32\WindowsAccessBridge.dll
2012-10-26 18:29:40 . 2012-10-26 18:29:40 -------- d-----w- C:\Program Files\Java
2012-10-22 19:29:20 . 2012-10-22 19:31:19 -------- d-----w- C:\Program Files\Euro Truck Simulator 2
2012-10-22 18:11:02 . 2012-10-22 18:11:02 -------- d-----w- C:\Documents and Settings\007\Local Settings\Data aplikací\Identities
2012-10-21 12:42:10 . 2012-10-21 14:33:52 -------- d-----w- C:\Documents and Settings\007\Data aplikací\PhotoFiltre 7
2012-10-21 12:42:06 . 2012-10-21 12:42:08 -------- d-----w- C:\Program Files\PhotoFiltre 7
2012-10-19 20:24:10 . 2012-10-21 11:28:01 -------- d-----w- C:\Documents and Settings\007\Local Settings\Data aplikací\WMTools Downloaded Files
2012-10-15 17:13:20 . 2012-10-15 17:13:20 -------- d-----w- C:\VW
2012-10-15 17:12:10 . 2012-10-15 17:53:27 -------- d-----w- C:\ElsaWin
2012-10-15 17:12:10 . 2012-10-15 17:12:10 -------- d-----w- C:\Program Files\Diagnose-BK
2012-10-15 17:10:13 . 2012-10-21 07:11:44 -------- d-----w- C:\Program Files\Common Files\Adobe
2012-10-15 17:09:34 . 2012-10-15 17:09:34 -------- d-----w- C:\WINDOWS\Cache
2012-10-14 05:53:44 . 2012-10-14 05:57:12 -------- d-----w- C:\Program Files\ChrisTV Online FREE Edition
2012-10-14 05:49:47 . 2012-10-14 05:49:47 -------- d-----w- C:\Program Files\Motordiag Komfort Manager Lite 1.20
2012-10-07 10:50:39 . 2012-10-11 14:37:33 -------- d-----w- C:\Program Files\Carsoft
2012-10-04 20:05:58 . 2012-08-14 12:43:10 851176 ----a-w- C:\WINDOWS\system32\WinUSBCoInstaller2.dll
2012-10-04 20:02:50 . 2012-10-04 20:02:50 -------- d-----w- C:\Program Files\Sony
2012-10-04 20:02:50 . 2012-10-04 20:02:50 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\Sony
2012-10-01 20:58:09 . 2012-10-01 20:58:09 -------- d-----w- C:\databases
2012-10-01 20:53:49 . 2006-09-21 23:33:15 69632 ----a-w- C:\WINDOWS\system32\Crypserv.exe
2012-10-01 20:53:49 . 2006-01-10 02:47:27 31846 ----a-w- C:\WINDOWS\system32\Ckldrv.sys
2012-10-01 20:53:49 . 1999-06-18 21:49:32 165888 ----a-w- C:\WINDOWS\Ckconfig.exe
2012-10-01 20:53:49 . 1996-05-03 17:21:20 27648 ----a-r- C:\WINDOWS\Setup_ck.exe
2012-10-01 20:53:49 . 1996-05-03 15:36:50 18432 ----a-w- C:\WINDOWS\Setup_ck.dll
2012-10-01 20:53:49 . 1995-07-04 18:33:04 11776 ----a-w- C:\WINDOWS\Ckrfresh.exe
2012-10-01 20:53:48 . 2012-10-01 20:53:48 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\WorkshopData
2012-10-01 20:49:29 . 2012-10-01 21:03:07 -------- d-----w- C:\Program Files\eTECH
2012-10-01 20:49:29 . 2012-10-01 20:49:29 -------- d--h--w- C:\Program Files\Zero G Registry
2012-10-01 20:49:00 . 2012-10-01 20:49:00 -------- d--h--w- C:\Documents and Settings\007\InstallAnywhere
2012-10-01 19:16:33 . 2012-10-14 08:37:29 -------- d---a-w- C:\ADCDA2
2012-09-30 11:28:52 . 2011-12-07 17:32:24 216064 ----a-w- C:\WINDOWS\system32\lagarith.dll
2012-09-30 11:28:52 . 2011-06-24 14:44:30 243200 ----a-w- C:\WINDOWS\system32\xvidvfw.dll
2012-09-30 11:28:52 . 2011-06-24 14:28:22 650752 ----a-w- C:\WINDOWS\system32\xvidcore.dll
2012-09-30 11:28:51 . 2011-12-21 17:14:02 151552 ----a-w- C:\WINDOWS\system32\ac3acm.acm
2012-09-30 11:28:49 . 2012-07-20 18:00:00 112640 ----a-w- C:\WINDOWS\system32\ff_vfw.dll
2012-09-30 11:28:46 . 2012-09-30 11:31:03 -------- d-----w- C:\Program Files\K-Lite Codec Pack
2012-09-30 09:29:50 . 2012-09-30 09:50:07 -------- d-----w- C:\Documents and Settings\007\Data aplikací\Broad Intelligence
2012-09-30 09:29:48 . 2012-09-30 09:50:08 -------- d-----w- C:\Program Files\MediaCoder
2012-09-30 06:21:56 . 2012-09-30 06:21:56 -------- d-----w- C:\Documents and Settings\007\Data aplikací\DivX
2012-09-30 05:36:11 . 2012-09-30 05:36:11 -------- d-----w- C:\Program Files\CodeStuff
2012-09-29 22:12:09 . 2012-09-30 08:27:53 -------- d-----w- C:\Program Files\Common Files\DivX Shared
2012-09-29 22:11:40 . 2012-09-30 08:27:54 -------- d-----w- C:\Program Files\DivX
2012-09-29 22:09:44 . 2012-09-30 08:28:38 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\DivX
2012-09-29 20:48:29 . 2012-09-29 20:48:29 -------- d-----w- C:\Program Files\Common Files\NacreWare
2012-09-29 20:48:28 . 2012-09-29 20:48:28 -------- d-----w- C:\Program Files\AMC2000
2012-09-29 20:42:23 . 2012-09-29 21:50:51 -------- d-----w- C:\Program Files\Virtual VCR
2012-09-29 20:23:48 . 2012-06-09 17:21:56 178688 ----a-w- C:\WINDOWS\system32\unrar.dll
2012-09-29 20:01:35 . 2012-09-29 20:01:38 -------- d-----w- C:\Program Files\AviSynth 2.5
2012-09-29 18:37:54 . 2012-09-30 19:25:05 -------- d-----w- C:\capture
2012-09-29 18:29:50 . 2003-10-10 10:06:40 4134 ----a-w- C:\WINDOWS\system32\drivers\FlyPCI.sys
2012-09-29 18:29:40 . 2012-09-29 18:29:40 -------- d-----w- C:\Program Files\FLY2000TV
2012-09-29 18:07:25 . 2012-09-29 18:21:41 -------- d-----w- C:\Program Files\TVR
2012-09-29 18:01:53 . 2008-04-14 06:52:58 91648 ----a-w- C:\WINDOWS\system32\kswdmcap.ax
2012-09-29 18:01:53 . 2008-04-14 06:52:58 61952 ----a-w- C:\WINDOWS\system32\kstvtune.ax
2012-09-29 18:01:53 . 2008-04-14 06:52:58 28672 ----a-w- C:\WINDOWS\system32\vidcap.ax
2012-09-29 18:01:53 . 2003-10-20 06:30:42 135168 ----a-w- C:\WINDOWS\system32\34api.dll
2012-09-29 18:01:53 . 2003-10-20 06:30:42 114688 ----a-w- C:\WINDOWS\system32\34com.dll
2012-09-29 18:01:53 . 2003-04-08 09:11:00 110592 ----a-w- C:\WINDOWS\system32\prop7134.dll
2012-09-29 18:01:52 . 2008-04-14 06:52:06 54272 -c--a-w- C:\WINDOWS\system32\dllcache\vfwwdm32.dll
2012-09-29 18:01:52 . 2008-04-14 06:52:06 54272 ----a-w- C:\WINDOWS\system32\vfwwdm32.dll
2012-09-29 18:01:49 . 2008-04-14 06:52:58 43008 ----a-w- C:\WINDOWS\system32\ksxbar.ax
2012-09-29 18:01:18 . 2004-11-05 02:17:52 334816 ----a-w- C:\WINDOWS\system32\drivers\Cap7134.sys
2012-09-29 18:01:18 . 2004-10-01 08:07:00 552960 ----a-w- C:\WINDOWS\system32\UNINSTAL.EXE
2012-09-29 18:01:18 . 2003-03-20 18:26:00 126976 ----a-w- C:\WINDOWS\system32\HMPV2_ENC_MMX.DLL
2012-09-28 16:10:14 . 2012-10-12 11:22:08 -------- d-----w- C:\Program Files\PokerStars
2012-09-28 15:06:10 . 2008-11-23 09:23:06 97792 ----a-w- C:\WINDOWS\system32\drivers\NSHE.SYS
2012-09-28 15:04:49 . 2006-11-22 08:01:48 693760 ----a-w- C:\WINDOWS\system32\drivers\hardlock.sys
2012-09-28 15:04:45 . 2012-09-28 15:04:45 191488 ----a-w- C:\WINDOWS\system32\hlvdd.dll
2012-09-28 15:04:36 . 2006-12-20 08:00:20 671112 ----a-w- C:\WINDOWS\system32\hdinst_windows.dll
2012-09-28 15:04:36 . 2006-12-20 08:00:16 2511360 ----a-w- C:\WINDOWS\system32\haspds_windows.dll
2012-09-28 15:04:36 . 2006-11-30 09:06:00 69632 ----a-w- C:\WINDOWS\system32\hasp_inst_help1.dll
2012-09-28 15:04:36 . 2005-09-06 15:06:20 28672 ----a-w- C:\WINDOWS\system32\hlduinst.exe
2012-09-28 15:04:35 . 2006-12-20 09:55:08 3066968 ----a-w- C:\WINDOWS\system32\hinstd.dll
2012-09-28 14:46:04 . 2012-09-28 14:46:36 -------- d-----w- C:\ETKA
.


(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))

2012-10-26 18:29:43 . 2012-08-02 20:20:59 746984 ----a-w- C:\WINDOWS\system32\deployJava1.dll
2012-09-01 05:39:37 . 2012-08-28 05:25:13 73416 ----a-w- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2012-09-01 05:39:37 . 2012-08-28 05:25:13 696520 ----a-w- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-08-27 15:47:40 . 2012-08-27 15:47:40 223788 ----a-w- C:\Documents and Settings\All Users\Data aplikací\1346082440.bdinstall.bin


------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.

[-] 2008-08-08 15:44:13 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\system32\sfcfiles.dll

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))


*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CreativeTaskScheduler"="C:\Program Files\Creative\Shared Files\CTSched.exe" [2006-11-17 15:42:46 53341]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 14:31:34 1289000]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe" [2012-01-24 13:19:14 3478336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-09-08 11:12:34 98304]
"Samsung PanelMgr"="C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe" [2010-10-29 02:14:44 618496]
"3200 Scan2PC"="C:\WINDOWS\Twain_32\Samsung\SCX3200\Scan2pc.exe" [2010-05-18 22:46:02 1989120]
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 07:04:54 252848]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 06:52:18 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{DAE0285D-0788-4E87-985E-01DF2EDE4ACD}"= "C:\WINDOWS\system32\Wshxt.dll" [2012-07-14 08:52:56 53248]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
2012-05-16 13:44:58 1084840 ----a-w- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Creative Audio Engine Licensing Service"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"E:\\ProgramFILE\\uTorrentPortable\\App\\utorrent\\utorrent.exe"=
"E:\\GREYLINK\\greylink.exe"=
"C:\\WINDOWS\\twain_32\\Samsung\\ScanMgr.exe"=
"C:\\WINDOWS\\twain_32\\Samsung\\SCX3200\\Scan2Pc.exe"=
"C:\\WINDOWS\\twain_32\\Samsung\\SCX3200\\Sscan2io.exe"=
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Rockstar Games\\Max Payne 3\\MaxPayne3.exe"=
"C:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
"C:\\ElsaWin\\bin\\ElsaWin.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"135:TCP"= 135:TCP:ElsaWinRPC

R0 mv61xx;mv61xx;C:\WINDOWS\system32\drivers\mv61xx.sys [8.8.2008 17:06:27 143360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\WINDOWS\system32\drivers\dtsoftbus01.sys [29.7.2012 14:46:23 242240]
R1 Winhpfile;Winhpfile;C:\vlrqvdfn\HPFile.sys [14.7.2012 9:52:56 16601]
R2 LcSvrAdm;ELSA Administration Service;C:\ElsaWin\bin\LcSvrAdm.exe [6.12.2011 16:10:44 240640]
R2 LcSvrDba;ELSA DBA Server;C:\ElsaWin\bin\LcSvrDba.exe [6.12.2011 16:03:38 392704]
R2 LcSvrHis;ELSA Historie Server;C:\ElsaWin\bin\LcSvrHis.exe [6.12.2011 16:08:58 335360]
R2 LcSvrPAS;ELSA PASS Server;C:\ElsaWin\bin\LcSvrPas.exe [6.12.2011 16:04:48 477696]
R2 LcSvrSaz;ELSA APOSpro Server;C:\ElsaWin\bin\LcSvrSaz.exe [6.12.2011 16:08:16 373248]
R2 NSHE;Guardant Emulator Driver;C:\WINDOWS\system32\drivers\NSHE.SYS [28.9.2012 16:06:10 97792]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\WINDOWS\system32\drivers\AtihdXP3.sys [9.7.2012 21:28:58 100368]
R3 COMMONFX.SYS;COMMONFX.SYS;C:\WINDOWS\system32\drivers\COMMONFX.sys [18.3.2010 19:39:10 99416]
R3 CTAUDFX.SYS;CTAUDFX.SYS;C:\WINDOWS\system32\drivers\CTAUDFX.sys [18.3.2010 19:39:18 555096]
R3 CTSBLFX.SYS;CTSBLFX.SYS;C:\WINDOWS\system32\drivers\CTSBLFX.sys [18.3.2010 19:39:28 566360]
R3 LcSvrAuf;ELSA Auftragsverwaltungs Service;C:\ElsaWin\bin\LcSvrAuf.exe [6.12.2011 16:07:28 1321472]
R3 PhTVTune;Philips TDA8275 Silicon TV Tuner;C:\WINDOWS\system32\drivers\phtvtune.sys [29.9.2012 19:02:09 19904]
S2 OMSCAN;OMSCAN;\SysŐ --> \SysŐ [?]
S2 SSPORT;SSPORT;\??\C:\WINDOWS\system32\Drivers\SSPORT.sys --> C:\WINDOWS\system32\Drivers\SSPORT.sys [?]
S3 COMMONFX;COMMONFX;C:\WINDOWS\system32\drivers\COMMONFX.sys [18.3.2010 19:39:10 99416]
S3 CTAUDFX;CTAUDFX;C:\WINDOWS\system32\drivers\CTAUDFX.sys [18.3.2010 19:39:18 555096]
S3 CTERFXFX.SYS;CTERFXFX.SYS;C:\WINDOWS\system32\drivers\CTERFXFX.sys [18.3.2010 19:39:36 100952]
S3 CTERFXFX;CTERFXFX;C:\WINDOWS\system32\drivers\CTERFXFX.sys [18.3.2010 19:39:36 100952]
S3 CTSBLFX;CTSBLFX;C:\WINDOWS\system32\drivers\CTSBLFX.sys [18.3.2010 19:39:28 566360]
S3 FlyPCI;FlyPCI;C:\WINDOWS\system32\drivers\FlyPCI.sys [29.9.2012 19:29:50 4134]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys --> C:\WINDOWS\system32\drivers\mbamswissarmy.sys [?]
S3 Sony PC Companion;Sony PC Companion;C:\Program Files\Sony\Sony PC Companion\PCCService.exe [4.10.2012 21:02:50 155320]
S4 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [9.7.2012 21:54:55 79360]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - WS2IFSL

stell
VIP in memoriam
Posts: 5175
Registered: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: Please check my log

#17 Post by stell »

C:\Documents and Settings\007\Plocha\Download\ComboFix.exe
1: Run TDSSKILLER.
Instructions are below; paste the log here.
http://www.viruskasino.com/2010/12/odst ... kitov.html

2: You buried ComboFix, so dig it out, put it on the desktop, run it again and paste the log here.
Important information.
Is your computer not running?
Is it infected? Running slowly? A program not working? A problem with installation?
Use the remote help service!
e-mail: stell(at)forum.viry.cz
Thanks!

lavega

Re: Please check my log

#18 Post by lavega »

After the restart, the ComboFix log is not displayed for me.

stell

Re: Please check my log

#19 Post by stell »

Try reading what I write.
First you were supposed to make the TDSSKILLER log, and then ComboFix. If you have run ComboFix, use search and type combofix.txt, and it should find combofix.txt1 for you.

lavega

Re: Please check my log

#20 Post by lavega »

So I ran TDSSKILLER and then ComboFix.

12:36:52.0062 2408 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
12:36:52.0250 2408 ============================================================
12:36:52.0250 2408 Current date / time: 2012/10/28 12:36:52.0250
12:36:52.0250 2408 SystemInfo:
12:36:52.0250 2408
12:36:52.0250 2408 OS Version: 5.1.2600 ServicePack: 3.0
12:36:52.0250 2408 Product type: Workstation
12:36:52.0250 2408 ComputerName: MATRIX
12:36:52.0250 2408 UserName: 007
12:36:52.0250 2408 Windows directory: C:\WINDOWS
12:36:52.0250 2408 System windows directory: C:\WINDOWS
12:36:52.0250 2408 Processor architecture: Intel x86
12:36:52.0250 2408 Number of processors: 2
12:36:52.0250 2408 Page size: 0x1000
12:36:52.0250 2408 Boot type: Normal boot
12:36:52.0250 2408 ============================================================
12:36:53.0421 2408 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:36:53.0421 2408 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:36:53.0437 2408 Drive \Device\Harddisk2\DR2 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x3A38B, SectorsPerTrack: 0x20, TracksPerCylinder: 0x40, Type 'K0', Flags 0x00000054
12:36:53.0437 2408 ============================================================
12:36:53.0437 2408 \Device\Harddisk0\DR0:
12:36:53.0437 2408 MBR partitions:
12:36:53.0437 2408 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1
12:36:53.0437 2408 \Device\Harddisk1\DR1:
12:36:53.0437 2408 MBR partitions:
12:36:53.0437 2408 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
12:36:53.0437 2408 \Device\Harddisk2\DR2:
12:36:53.0437 2408 MBR partitions:
12:36:53.0437 2408 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x20, BlocksNum 0x1D1C4FE0
12:36:53.0437 2408 ============================================================
12:36:53.0515 2408 C: <-> \Device\Harddisk0\DR0\Partition1
12:36:53.0515 2408 D: <-> \Device\Harddisk2\DR2\Partition1
12:36:53.0562 2408 E: <-> \Device\Harddisk1\DR1\Partition1
12:36:53.0562 2408 ============================================================
12:36:53.0562 2408 Initialize success
12:36:53.0562 2408 ============================================================
12:36:54.0906 2776 ============================================================
12:36:54.0906 2776 Scan started
12:36:54.0906 2776 Mode: Manual;
12:36:54.0906 2776 ============================================================
12:36:55.0968 2776 ================ Scan system memory ========================
12:36:55.0968 2776 System memory - ok
12:36:55.0968 2776 ================ Scan services =============================
12:36:59.0765 2776 idsvc - ok
12:36:59.0796 2776 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
12:36:59.0796 2776 Imapi - ok
12:36:59.0828 2776 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
12:36:59.0828 2776 ImapiService - ok
12:36:59.0843 2776 ini910u - ok
12:36:59.0843 2776 IntelIde - ok
12:36:59.0859 2776 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
12:36:59.0859 2776 intelppm - ok
12:36:59.0890 2776 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
12:36:59.0890 2776 Ip6Fw - ok
12:36:59.0921 2776 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:36:59.0921 2776 IpFilterDriver - ok
12:36:59.0921 2776 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:36:59.0921 2776 IpInIp - ok
12:36:59.0937 2776 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:36:59.0937 2776 IpNat - ok
12:36:59.0937 2776 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:36:59.0937 2776 IPSec - ok
12:36:59.0968 2776 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
12:36:59.0968 2776 IRENUM - ok
12:37:00.0000 2776 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:37:00.0000 2776 isapnp - ok
12:37:00.0125 2776 [ B591E761161D1EF547D76EF236EAA6A5 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
12:37:00.0125 2776 JavaQuickStarterService - ok
12:37:00.0171 2776 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:37:00.0171 2776 Kbdclass - ok
12:37:00.0187 2776 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
12:37:00.0187 2776 kbdhid - ok
12:37:00.0203 2776 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
12:37:00.0203 2776 kmixer - ok
12:37:00.0250 2776 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
12:37:00.0250 2776 KSecDD - ok
12:37:00.0296 2776 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
12:37:00.0296 2776 LanmanServer - ok
12:37:00.0343 2776 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
12:37:00.0343 2776 lanmanworkstation - ok
12:37:00.0343 2776 lbrtfdc - ok
12:37:00.0421 2776 [ 68A6D9B7DF5B7B23546AA6B050CFD7EC ] LcSvrAdm C:\ElsaWin\bin\LcSvrAdm.exe
12:37:00.0421 2776 LcSvrAdm - ok
12:37:00.0500 2776 [ 12C339E2FEE6A9E9B0B7520014538CD3 ] LcSvrAuf C:\ElsaWin\bin\LcSvrAuf.exe
12:37:00.0531 2776 LcSvrAuf - ok
12:37:00.0578 2776 [ 2F0D7C44B2326D02CBBFD5A2EF653AF3 ] LcSvrDba C:\ElsaWin\bin\LcSvrDba.exe
12:37:00.0578 2776 LcSvrDba - ok
12:37:00.0625 2776 [ 0AC1D8B43B809A8DAFCD424716D2C42B ] LcSvrHis C:\ElsaWin\bin\LcSvrHis.exe
12:37:00.0625 2776 LcSvrHis - ok
12:37:00.0718 2776 [ 954DC6DD3A4E881F14AA9E87FABE7CE9 ] LcSvrPAS C:\ElsaWin\bin\LcSvrPas.exe
12:37:00.0718 2776 LcSvrPAS - ok
12:37:00.0796 2776 [ 14579ED47C2556B262E4B0E661FB59F7 ] LcSvrSaz C:\ElsaWin\bin\LcSvrSaz.exe
12:37:00.0796 2776 LcSvrSaz - ok
12:37:00.0843 2776 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
12:37:00.0843 2776 LmHosts - ok
12:37:00.0843 2776 MBAMSwissArmy - ok
12:37:00.0875 2776 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
12:37:00.0875 2776 Messenger - ok
12:37:00.0906 2776 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
12:37:00.0906 2776 mnmdd - ok
12:37:00.0953 2776 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
12:37:00.0953 2776 mnmsrvc - ok
12:37:00.0984 2776 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
12:37:00.0984 2776 Modem - ok
12:37:01.0031 2776 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:37:01.0031 2776 Mouclass - ok
12:37:01.0046 2776 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:37:01.0046 2776 mouhid - ok
12:37:01.0062 2776 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
12:37:01.0062 2776 MountMgr - ok
12:37:01.0062 2776 mraid35x - ok
12:37:01.0078 2776 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:37:01.0078 2776 MRxDAV - ok
12:37:01.0109 2776 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:37:01.0109 2776 MRxSmb - ok
12:37:01.0140 2776 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
12:37:01.0140 2776 MSDTC - ok
12:37:01.0156 2776 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
12:37:01.0156 2776 Msfs - ok
12:37:01.0171 2776 MSIServer - ok
12:37:01.0203 2776 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:37:01.0203 2776 MSKSSRV - ok
12:37:01.0234 2776 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:37:01.0234 2776 MSPCLOCK - ok
12:37:01.0250 2776 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
12:37:01.0250 2776 MSPQM - ok
12:37:01.0265 2776 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:37:01.0281 2776 mssmbios - ok
12:37:01.0312 2776 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
12:37:01.0312 2776 MSTEE - ok
12:37:01.0328 2776 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
12:37:01.0328 2776 Mup - ok
12:37:01.0343 2776 [ 72580605F36048262C674EE925031C3C ] mv61xx C:\WINDOWS\system32\DRIVERS\mv61xx.sys
12:37:01.0343 2776 mv61xx - ok
12:37:01.0359 2776 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
12:37:01.0359 2776 NABTSFEC - ok
12:37:01.0390 2776 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
12:37:01.0390 2776 napagent - ok
12:37:01.0406 2776 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
12:37:01.0406 2776 NDIS - ok
12:37:01.0406 2776 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
12:37:01.0421 2776 NdisIP - ok
12:37:01.0437 2776 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:37:01.0437 2776 NdisTapi - ok
12:37:01.0453 2776 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:37:01.0453 2776 Ndisuio - ok
12:37:01.0468 2776 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:37:01.0468 2776 NdisWan - ok
12:37:01.0468 2776 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
12:37:01.0468 2776 NDProxy - ok
12:37:01.0484 2776 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
12:37:01.0484 2776 NetBIOS - ok
12:37:01.0500 2776 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
12:37:01.0500 2776 NetBT - ok
12:37:01.0531 2776 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
12:37:01.0531 2776 NetDDE - ok
12:37:01.0531 2776 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
12:37:01.0531 2776 NetDDEdsdm - ok
12:37:01.0578 2776 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
12:37:01.0578 2776 Netlogon - ok
12:37:01.0578 2776 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
12:37:01.0593 2776 Netman - ok
12:37:01.0625 2776 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:37:01.0625 2776 NetTcpPortSharing - ok
12:37:01.0671 2776 [ 598D2F0176B169118F025F3ED6444D16 ] NetworkX C:\WINDOWS\system32\ckldrv.sys
12:37:01.0671 2776 NetworkX - ok
12:37:01.0703 2776 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
12:37:01.0703 2776 Nla - ok
12:37:01.0734 2776 [ F6C40E0A565EE3CE5AEEB325E10054F2 ] nmwcd C:\WINDOWS\system32\drivers\ccdcmb.sys
12:37:01.0734 2776 nmwcd - ok
12:37:01.0750 2776 [ 2A394E9E1FA3565E4B2FEA470FFE4D6B ] nmwcdc C:\WINDOWS\system32\drivers\ccdcmbo.sys
12:37:01.0750 2776 nmwcdc - ok
12:37:01.0781 2776 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
12:37:01.0781 2776 Npfs - ok
12:37:01.0812 2776 [ F8E396F5E703D7A8F37D90F59C776268 ] NSHE C:\WINDOWS\system32\Drivers\NSHE.SYS
12:37:01.0812 2776 NSHE - ok
12:37:01.0828 2776 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
12:37:01.0843 2776 Ntfs - ok
12:37:01.0859 2776 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
12:37:01.0859 2776 NtLmSsp - ok
12:37:01.0875 2776 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
12:37:01.0890 2776 NtmsSvc - ok
12:37:01.0921 2776 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
12:37:01.0921 2776 Null - ok
12:37:01.0937 2776 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:37:01.0937 2776 NwlnkFlt - ok
12:37:01.0953 2776 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:37:01.0953 2776 NwlnkFwd - ok
12:37:02.0046 2776 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:37:02.0062 2776 odserv - ok
12:37:02.0062 2776 OMSCAN - ok
12:37:02.0109 2776 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:37:02.0109 2776 ose - ok
12:37:02.0156 2776 [ AE896073E1BBF98FEFC2EC52F62C0FBA ] ossrv C:\WINDOWS\system32\drivers\ctoss2k.sys
12:37:02.0156 2776 ossrv - ok
12:37:02.0171 2776 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\drivers\Parport.sys
12:37:02.0171 2776 Parport - ok
12:37:02.0187 2776 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
12:37:02.0187 2776 PartMgr - ok
12:37:02.0203 2776 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
12:37:02.0203 2776 ParVdm - ok
12:37:02.0234 2776 [ F451DCACBAA67F3307305EBD4A39EA07 ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
12:37:02.0234 2776 pccsmcfd - ok
12:37:02.0250 2776 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
12:37:02.0265 2776 PCI - ok
12:37:02.0265 2776 PCIDump - ok
12:37:02.0265 2776 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
12:37:02.0281 2776 PCIIde - ok
12:37:02.0296 2776 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
12:37:02.0296 2776 Pcmcia - ok
12:37:02.0296 2776 PDCOMP - ok
12:37:02.0312 2776 PDFRAME - ok
12:37:02.0312 2776 PDRELI - ok
12:37:02.0328 2776 PDRFRAME - ok
12:37:02.0328 2776 perc2 - ok
12:37:02.0343 2776 perc2hib - ok
12:37:02.0515 2776 [ F042EE4C8D66248D9B86DCF52ABAE416 ] PEVSystemStart C:\ComboFix\pev.3XE
12:37:02.0609 2776 PEVSystemStart - ok
12:37:02.0640 2776 [ 7501124DABACA0C87B1375012A17C7FB ] PhTVTune C:\WINDOWS\system32\DRIVERS\PhTVTune.sys
12:37:02.0640 2776 PhTVTune - ok
12:37:02.0656 2776 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
12:37:02.0656 2776 PlugPlay - ok
12:37:02.0671 2776 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
12:37:02.0671 2776 PolicyAgent - ok
12:37:02.0718 2776 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:37:02.0718 2776 PptpMiniport - ok
12:37:02.0734 2776 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
12:37:02.0734 2776 ProtectedStorage - ok
12:37:02.0750 2776 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
12:37:02.0750 2776 PSched - ok
12:37:02.0765 2776 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:37:02.0765 2776 Ptilink - ok
12:37:02.0765 2776 ql1080 - ok
12:37:02.0781 2776 Ql10wnt - ok
12:37:02.0781 2776 ql12160 - ok
12:37:02.0781 2776 ql1240 - ok
12:37:02.0796 2776 ql1280 - ok
12:37:02.0812 2776 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:37:02.0812 2776 RasAcd - ok
12:37:02.0843 2776 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
12:37:02.0843 2776 RasAuto - ok
12:37:02.0875 2776 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:37:02.0875 2776 Rasl2tp - ok
12:37:02.0890 2776 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
12:37:02.0890 2776 RasMan - ok
12:37:02.0906 2776 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:37:02.0906 2776 RasPppoe - ok
12:37:02.0906 2776 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
12:37:02.0906 2776 Raspti - ok
12:37:02.0937 2776 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:37:02.0937 2776 Rdbss - ok
12:37:02.0953 2776 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:37:02.0953 2776 RDPCDD - ok
12:37:02.0984 2776 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:37:02.0984 2776 rdpdr - ok
12:37:03.0015 2776 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
12:37:03.0015 2776 RDPWD - ok
12:37:03.0046 2776 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
12:37:03.0046 2776 RDSessMgr - ok
12:37:03.0078 2776 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
12:37:03.0078 2776 redbook - ok
12:37:03.0109 2776 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
12:37:03.0109 2776 RemoteAccess - ok
12:37:03.0140 2776 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
12:37:03.0140 2776 RemoteRegistry - ok
12:37:03.0171 2776 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
12:37:03.0171 2776 RpcLocator - ok
12:37:03.0203 2776 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\System32\rpcss.dll
12:37:03.0203 2776 RpcSs - ok
12:37:03.0250 2776 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
12:37:03.0250 2776 RSVP - ok
12:37:03.0281 2776 [ 1323BA3CA4E8D863EB00CD81C0AAF356 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
12:37:03.0281 2776 RTLE8023xp - ok
12:37:03.0296 2776 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
12:37:03.0296 2776 SamSs - ok
12:37:03.0312 2776 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
12:37:03.0328 2776 SCardSvr - ok
12:37:03.0359 2776 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
12:37:03.0359 2776 Schedule - ok
12:37:03.0390 2776 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:37:03.0390 2776 Secdrv - ok
12:37:03.0421 2776 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
12:37:03.0421 2776 seclogon - ok
12:37:03.0437 2776 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
12:37:03.0437 2776 SENS - ok
12:37:03.0453 2776 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
12:37:03.0453 2776 serenum - ok
12:37:03.0453 2776 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
12:37:03.0453 2776 Serial - ok
12:37:03.0546 2776 [ C3BB6CF8F9EE199005A2AAE2815AD756 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
12:37:03.0562 2776 ServiceLayer - ok
12:37:03.0609 2776 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
12:37:03.0609 2776 Sfloppy - ok
12:37:03.0640 2776 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
12:37:03.0656 2776 SharedAccess - ok
12:37:03.0671 2776 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:37:03.0671 2776 ShellHWDetection - ok
12:37:03.0671 2776 Simbad - ok
12:37:03.0687 2776 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
12:37:03.0687 2776 SLIP - ok
12:37:03.0750 2776 [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files\Sony\Sony PC Companion\PCCService.exe
12:37:03.0750 2776 Sony PC Companion - ok
12:37:03.0765 2776 Sparrow - ok
12:37:03.0796 2776 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
12:37:03.0812 2776 splitter - ok
12:37:03.0843 2776 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
12:37:03.0843 2776 Spooler - ok
12:37:03.0890 2776 [ 94610C8653635E4459316A0050D55CE7 ] Sr C:\WINDOWS\system32\DRIVERS\sr.sys
12:37:03.0890 2776 Sr - ok
12:37:03.0906 2776 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
12:37:03.0921 2776 srservice - ok
12:37:03.0937 2776 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
12:37:03.0937 2776 Srv - ok
12:37:03.0968 2776 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
12:37:03.0968 2776 SSDPSRV - ok
12:37:03.0984 2776 SSPORT - ok
12:37:04.0031 2776 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
12:37:04.0031 2776 stisvc - ok
12:37:04.0062 2776 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:37:04.0062 2776 streamip - ok
12:37:04.0109 2776 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
12:37:04.0109 2776 swenum - ok
12:37:04.0125 2776 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
12:37:04.0125 2776 swmidi - ok
12:37:04.0125 2776 SwPrv - ok
12:37:04.0140 2776 symc810 - ok
12:37:04.0140 2776 symc8xx - ok
12:37:04.0156 2776 sym_hi - ok
12:37:04.0156 2776 sym_u3 - ok
12:37:04.0218 2776 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
12:37:04.0218 2776 sysaudio - ok
12:37:04.0250 2776 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
12:37:04.0265 2776 SysmonLog - ok
12:37:04.0312 2776 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
12:37:04.0328 2776 TapiSrv - ok
12:37:04.0343 2776 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:37:04.0359 2776 Tcpip - ok
12:37:04.0375 2776 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
12:37:04.0390 2776 TDPIPE - ok
12:37:04.0406 2776 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
12:37:04.0406 2776 TDTCP - ok
12:37:04.0437 2776 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
12:37:04.0437 2776 TermDD - ok
12:37:04.0453 2776 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
12:37:04.0453 2776 TermService - ok
12:37:04.0468 2776 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
12:37:04.0484 2776 Themes - ok
12:37:04.0515 2776 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
12:37:04.0515 2776 TlntSvr - ok
12:37:04.0515 2776 TosIde - ok
12:37:04.0546 2776 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
12:37:04.0562 2776 TrkWks - ok
12:37:04.0578 2776 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
12:37:04.0578 2776 Udfs - ok
12:37:04.0578 2776 ultra - ok
12:37:04.0609 2776 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
12:37:04.0609 2776 Update - ok
12:37:04.0640 2776 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
12:37:04.0640 2776 upnphost - ok
12:37:04.0687 2776 [ 47F5F9D837D80FFD5882A14DB9DA0A67 ] upperdev C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
12:37:04.0687 2776 upperdev - ok
12:37:04.0703 2776 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
12:37:04.0703 2776 UPS - ok
12:37:04.0734 2776 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:37:04.0734 2776 usbccgp - ok
12:37:04.0734 2776 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:37:04.0734 2776 usbehci - ok
12:37:04.0750 2776 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:37:04.0750 2776 usbhub - ok
12:37:04.0781 2776 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:37:04.0781 2776 usbprint - ok
12:37:04.0812 2776 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:37:04.0812 2776 usbscan - ok
12:37:04.0828 2776 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\drivers\usbser.sys
12:37:04.0828 2776 usbser - ok
12:37:04.0859 2776 [ E44F0D17BE0908B58DCC99CCB99C6C32 ] UsbserFilt C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
12:37:04.0859 2776 UsbserFilt - ok
12:37:04.0890 2776 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:37:04.0890 2776 USBSTOR - ok
12:37:04.0906 2776 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:37:04.0906 2776 usbuhci - ok
12:37:04.0953 2776 [ B6CC50279D6CD28E090A5D33244ADC9A ] usb_rndisx C:\WINDOWS\system32\DRIVERS\usb8023x.sys
12:37:04.0953 2776 usb_rndisx - ok
12:37:04.0984 2776 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
12:37:04.0984 2776 VgaSave - ok
12:37:05.0000 2776 ViaIde - ok
12:37:05.0046 2776 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
12:37:05.0046 2776 VolSnap - ok
12:37:05.0062 2776 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
12:37:05.0078 2776 VSS - ok
12:37:05.0109 2776 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
12:37:05.0109 2776 W32Time - ok
12:37:05.0125 2776 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:37:05.0125 2776 Wanarp - ok
12:37:05.0156 2776 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
12:37:05.0171 2776 Wdf01000 - ok
12:37:05.0171 2776 WDICA - ok
12:37:05.0218 2776 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
12:37:05.0218 2776 wdmaud - ok
12:37:05.0265 2776 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
12:37:05.0265 2776 WebClient - ok
12:37:05.0328 2776 [ 7275D68F1133ADAB3E4190A78397D51C ] Winhpfile C:\vlrqvdfn\HPFile.sys
12:37:05.0328 2776 Winhpfile - ok
12:37:05.0390 2776 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
12:37:05.0390 2776 winmgmt - ok
12:37:05.0453 2776 [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUSB C:\WINDOWS\system32\DRIVERS\WinUSB.sys
12:37:05.0453 2776 WinUSB - ok
12:37:05.0484 2776 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
12:37:05.0484 2776 WmdmPmSN - ok
12:37:05.0515 2776 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
12:37:05.0515 2776 Wmi - ok
12:37:05.0562 2776 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:37:05.0562 2776 WmiApSrv - ok
12:37:05.0640 2776 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
12:37:05.0656 2776 WMPNetworkSvc - ok
12:37:05.0687 2776 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
12:37:05.0687 2776 WpdUsb - ok
12:37:05.0718 2776 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
12:37:05.0718 2776 WS2IFSL - ok
12:37:05.0750 2776 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
12:37:05.0750 2776 wscsvc - ok
12:37:05.0765 2776 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:37:05.0765 2776 WSTCODEC - ok
12:37:05.0812 2776 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
12:37:05.0843 2776 wuauserv - ok
12:37:05.0859 2776 [ EAA6324F51214D2F6718977EC9CE0DEF ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:37:05.0859 2776 WudfPf - ok
12:37:05.0875 2776 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:37:05.0875 2776 WudfRd - ok
12:37:05.0906 2776 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
12:37:05.0906 2776 WudfSvc - ok
12:37:05.0937 2776 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
12:37:05.0953 2776 WZCSVC - ok
12:37:05.0968 2776 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
12:37:05.0984 2776 xmlprov - ok
12:37:06.0000 2776 ================ Scan global ===============================
12:37:06.0015 2776 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
12:37:06.0046 2776 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
12:37:06.0062 2776 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
12:37:06.0078 2776 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
12:37:06.0093 2776 [Global] - ok
12:37:06.0093 2776 ================ Scan MBR ==================================
12:37:06.0109 2776 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
12:37:06.0265 2776 \Device\Harddisk0\DR0 - ok
12:37:06.0265 2776 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk1\DR1
12:37:06.0500 2776 \Device\Harddisk1\DR1 - ok
12:37:06.0515 2776 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk2\DR2
12:37:06.0515 2776 \Device\Harddisk2\DR2 - ok
12:37:06.0515 2776 ================ Scan VBR ==================================
12:37:06.0531 2776 [ 73F04E684EE39E747E40238E15B23406 ] \Device\Harddisk0\DR0\Partition1
12:37:06.0531 2776 \Device\Harddisk0\DR0\Partition1 - ok
12:37:06.0531 2776 [ DE3A7E2D572E19830DC4ACC3E08DBD95 ] \Device\Harddisk1\DR1\Partition1
12:37:06.0531 2776 \Device\Harddisk1\DR1\Partition1 - ok
12:37:06.0546 2776 [ 798DE0A85EE444A11DCF4191359A9767 ] \Device\Harddisk2\DR2\Partition1
12:37:06.0546 2776 \Device\Harddisk2\DR2\Partition1 - ok
12:37:06.0546 2776 ============================================================
12:37:06.0546 2776 Scan finished
12:37:06.0546 2776 ============================================================
12:37:06.0546 2768 Detected object count: 0
12:37:06.0546 2768 Actual detected object count: 0

stell
VIP in memoriam
Posts: 5175
Registered: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: Please check my log

#21 Post by stell »

OK, so find combofix.txt and paste the newest one here.
Important information.
Is your computer not running well?
Is it infected? Running slowly? A program not working? A problem with installation?
Use the remote assistance service!
e-mail: stell(at)forum.viry.cz
Thanks!

lavega
Visitor
Posts: 63
Registered: 28 Oct 2012 09:07

Re: Please check my log

#22 Post by lavega »

It has been searching for 5 minutes and nothing; what is interesting is how ComboFix is displayed on C.
Attachments
Combo.png (2.67 KiB) Viewed 2148 times

stell
VIP in memoriam
Posts: 5175
Registered: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: Please check my log

#23 Post by stell »

That is OK. Run ComboFix once more and wait for the log; it will print that it is preparing the log report, and then you have to wait until ComboFix shows the log.

lavega
Visitor
Posts: 63
Registered: 28 Oct 2012 09:07

Re: Please check my log

#24 Post by lavega »

It worked :happy:

ComboFix 12-10-26.05 - 007 28.10.2012 13:11:54.4.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1503 [GMT 1:00]
Spuštěný z: c:\documents and settings\007\Plocha\ComboFix.exe
.
/wow section - STAGE 3
.
/wow section - STAGE 5
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-28 do 2012-10-28 )))))))))))))))))))))))))))))))
.
.
2012-10-28 09:29 . 2012-10-28 09:29 -------- d-----w- C:\rsit
2012-10-28 09:29 . 2012-10-28 09:29 -------- d-----w- c:\program files\trend micro
2012-10-28 09:11 . 2012-10-28 09:11 -------- d-----w- C:\_OTL
2012-10-27 08:57 . 2009-10-27 17:31 3982240 ----a-w- c:\windows\system32\Flash10d.ocx
2012-10-27 08:57 . 2012-10-27 08:57 -------- d-----w- c:\program files\StreamTransport
2012-10-26 18:30 . 2012-10-26 18:30 -------- d-----w- c:\program files\Common Files\Java
2012-10-26 18:29 . 2012-10-26 18:29 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-10-26 18:29 . 2012-10-26 18:29 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-26 18:29 . 2012-10-26 18:29 -------- d-----w- c:\program files\Java
2012-10-22 19:29 . 2012-10-22 19:31 -------- d-----w- c:\program files\Euro Truck Simulator 2
2012-10-22 18:11 . 2012-10-22 18:11 -------- d-----w- c:\documents and settings\007\Local Settings\Data aplikací\Identities
2012-10-21 12:42 . 2012-10-21 14:33 -------- d-----w- c:\documents and settings\007\Data aplikací\PhotoFiltre 7
2012-10-21 12:42 . 2012-10-21 12:42 -------- d-----w- c:\program files\PhotoFiltre 7
2012-10-19 20:24 . 2012-10-21 11:28 -------- d-----w- c:\documents and settings\007\Local Settings\Data aplikací\WMTools Downloaded Files
2012-10-15 17:13 . 2012-10-15 17:13 -------- d-----w- C:\VW
2012-10-15 17:12 . 2012-10-15 17:53 -------- d-----w- C:\ElsaWin
2012-10-15 17:12 . 2012-10-15 17:12 -------- d-----w- c:\program files\Diagnose-BK
2012-10-15 17:10 . 2012-10-21 07:11 -------- d-----w- c:\program files\Common Files\Adobe
2012-10-15 17:09 . 2012-10-15 17:09 -------- d-----w- c:\windows\Cache
2012-10-14 05:53 . 2012-10-14 05:57 -------- d-----w- c:\program files\ChrisTV Online FREE Edition
2012-10-14 05:49 . 2012-10-28 10:53 -------- d-----w- c:\program files\Motordiag Komfort Manager Lite 1.20
2012-10-07 10:50 . 2012-10-11 14:37 -------- d-----w- c:\program files\Carsoft
2012-10-04 20:05 . 2012-08-14 12:43 851176 ----a-w- c:\windows\system32\WinUSBCoInstaller2.dll
2012-10-04 20:02 . 2012-10-04 20:02 -------- d-----w- c:\program files\Sony
2012-10-04 20:02 . 2012-10-04 20:02 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Sony
2012-10-01 20:58 . 2012-10-01 20:58 -------- d-----w- C:\databases
2012-10-01 20:53 . 2006-09-21 23:33 69632 ----a-w- c:\windows\system32\Crypserv.exe
2012-10-01 20:53 . 2006-01-10 02:47 31846 ----a-w- c:\windows\system32\Ckldrv.sys
2012-10-01 20:53 . 1999-06-18 21:49 165888 ----a-w- c:\windows\Ckconfig.exe
2012-10-01 20:53 . 1996-05-03 17:21 27648 ----a-r- c:\windows\Setup_ck.exe
2012-10-01 20:53 . 1996-05-03 15:36 18432 ----a-w- c:\windows\Setup_ck.dll
2012-10-01 20:53 . 1995-07-04 18:33 11776 ----a-w- c:\windows\Ckrfresh.exe
2012-10-01 20:53 . 2012-10-01 20:53 -------- d-----w- c:\documents and settings\All Users\Data aplikací\WorkshopData
2012-10-01 20:49 . 2012-10-01 21:03 -------- d-----w- c:\program files\eTECH
2012-10-01 20:49 . 2012-10-01 20:49 -------- d--h--w- c:\program files\Zero G Registry
2012-10-01 20:49 . 2012-10-01 20:49 -------- d--h--w- c:\documents and settings\007\InstallAnywhere
2012-10-01 19:16 . 2012-10-14 08:37 -------- d---a-w- C:\ADCDA2
2012-09-30 11:28 . 2011-12-07 17:32 216064 ----a-w- c:\windows\system32\lagarith.dll
2012-09-30 11:28 . 2011-06-24 14:44 243200 ----a-w- c:\windows\system32\xvidvfw.dll
2012-09-30 11:28 . 2011-06-24 14:28 650752 ----a-w- c:\windows\system32\xvidcore.dll
2012-09-30 11:28 . 2011-12-21 17:14 151552 ----a-w- c:\windows\system32\ac3acm.acm
2012-09-30 11:28 . 2012-07-20 18:00 112640 ----a-w- c:\windows\system32\ff_vfw.dll
2012-09-30 11:28 . 2012-09-30 11:31 -------- d-----w- c:\program files\K-Lite Codec Pack
2012-09-30 09:29 . 2012-09-30 09:50 -------- d-----w- c:\documents and settings\007\Data aplikací\Broad Intelligence
2012-09-30 09:29 . 2012-09-30 09:50 -------- d-----w- c:\program files\MediaCoder
2012-09-30 06:21 . 2012-09-30 06:21 -------- d-----w- c:\documents and settings\007\Data aplikací\DivX
2012-09-30 05:36 . 2012-09-30 05:36 -------- d-----w- c:\program files\CodeStuff
2012-09-29 22:12 . 2012-09-30 08:27 -------- d-----w- c:\program files\Common Files\DivX Shared
2012-09-29 22:11 . 2012-09-30 08:27 -------- d-----w- c:\program files\DivX
2012-09-29 22:09 . 2012-09-30 08:28 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DivX
2012-09-29 20:48 . 2012-09-29 20:48 -------- d-----w- c:\program files\Common Files\NacreWare
2012-09-29 20:48 . 2012-09-29 20:48 -------- d-----w- c:\program files\AMC2000
2012-09-29 20:23 . 2012-06-09 17:21 178688 ----a-w- c:\windows\system32\unrar.dll
2012-09-29 20:01 . 2012-09-29 20:01 -------- d-----w- c:\program files\AviSynth 2.5
2012-09-29 18:37 . 2012-09-30 19:25 -------- d-----w- C:\capture
2012-09-29 18:29 . 2003-10-10 10:06 4134 ----a-w- c:\windows\system32\drivers\FlyPCI.sys
2012-09-29 18:29 . 2012-09-29 18:29 -------- d-----w- c:\program files\FLY2000TV
2012-09-29 18:07 . 2012-09-29 18:21 -------- d-----w- c:\program files\TVR
2012-09-29 18:01 . 2008-04-14 06:52 91648 ----a-w- c:\windows\system32\kswdmcap.ax
2012-09-29 18:01 . 2008-04-14 06:52 61952 ----a-w- c:\windows\system32\kstvtune.ax
2012-09-29 18:01 . 2008-04-14 06:52 28672 ----a-w- c:\windows\system32\vidcap.ax
2012-09-29 18:01 . 2003-10-20 06:30 135168 ----a-w- c:\windows\system32\34api.dll
2012-09-29 18:01 . 2003-10-20 06:30 114688 ----a-w- c:\windows\system32\34com.dll
2012-09-29 18:01 . 2003-04-08 09:11 110592 ----a-w- c:\windows\system32\prop7134.dll
2012-09-29 18:01 . 2008-04-14 06:52 54272 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2012-09-29 18:01 . 2008-04-14 06:52 54272 ----a-w- c:\windows\system32\vfwwdm32.dll
2012-09-29 18:01 . 2008-04-14 06:52 43008 ----a-w- c:\windows\system32\ksxbar.ax
2012-09-29 18:01 . 2004-11-05 02:17 334816 ----a-w- c:\windows\system32\drivers\Cap7134.sys
2012-09-29 18:01 . 2004-10-01 08:07 552960 ----a-w- c:\windows\system32\UNINSTAL.EXE
2012-09-29 18:01 . 2003-03-20 18:26 126976 ----a-w- c:\windows\system32\HMPV2_ENC_MMX.DLL
2012-09-28 16:10 . 2012-10-12 11:22 -------- d-----w- c:\program files\PokerStars
2012-09-28 15:06 . 2008-11-23 09:23 97792 ----a-w- c:\windows\system32\drivers\NSHE.SYS
2012-09-28 15:04 . 2006-11-22 08:01 693760 ----a-w- c:\windows\system32\drivers\hardlock.sys
2012-09-28 15:04 . 2012-09-28 15:04 191488 ----a-w- c:\windows\system32\hlvdd.dll
2012-09-28 15:04 . 2006-12-20 08:00 671112 ----a-w- c:\windows\system32\hdinst_windows.dll
2012-09-28 15:04 . 2006-12-20 08:00 2511360 ----a-w- c:\windows\system32\haspds_windows.dll
2012-09-28 15:04 . 2006-11-30 09:06 69632 ----a-w- c:\windows\system32\hasp_inst_help1.dll
2012-09-28 15:04 . 2005-09-06 15:06 28672 ----a-w- c:\windows\system32\hlduinst.exe
2012-09-28 15:04 . 2006-12-20 09:55 3066968 ----a-w- c:\windows\system32\hinstd.dll
2012-09-28 14:46 . 2012-09-28 14:46 -------- d-----w- C:\ETKA
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-26 18:29 . 2012-08-02 20:20 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-01 05:39 . 2012-08-28 05:25 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-01 05:39 . 2012-08-28 05:25 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-27 15:47 . 2012-08-27 15:47 223788 ----a-w- c:\documents and settings\All Users\Data aplikací\1346082440.bdinstall.bin
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-08-08 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CreativeTaskScheduler"="c:\program files\Creative\Shared Files\CTSched.exe" [2006-11-17 53341]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-01-24 3478336]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-09-08 98304]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2010-10-29 618496]
"3200 Scan2PC"="c:\windows\Twain_32\Samsung\SCX3200\Scan2pc.exe" [2010-05-18 1989120]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{DAE0285D-0788-4E87-985E-01DF2EDE4ACD}"= "c:\windows\system32\Wshxt.dll" [2012-07-14 53248]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
2012-05-16 13:44 1084840 ----a-w- c:\program files\Nokia\Nokia Suite\NokiaSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QvodTerminal]
e:\programfile\QvodPlayer\QvodTerminal.exe [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Creative Audio Engine Licensing Service"=3 (0x3)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"e:\\ProgramFILE\\uTorrentPortable\\App\\utorrent\\utorrent.exe"=
"e:\\GREYLINK\\greylink.exe"=
"c:\\WINDOWS\\twain_32\\Samsung\\ScanMgr.exe"=
"c:\\WINDOWS\\twain_32\\Samsung\\SCX3200\\Scan2Pc.exe"=
"c:\\WINDOWS\\twain_32\\Samsung\\SCX3200\\Sscan2io.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Rockstar Games\\Max Payne 3\\MaxPayne3.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
"c:\\ElsaWin\\bin\\ElsaWin.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"135:TCP"= 135:TCP:ElsaWinRPC
.
R0 mv61xx;mv61xx;c:\windows\system32\drivers\mv61xx.sys [8.8.2008 17:06 143360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [29.7.2012 14:46 242240]
R1 Winhpfile;Winhpfile;c:\vlrqvdfn\HPFile.sys [14.7.2012 9:52 16601]
R2 LcSvrAdm;ELSA Administration Service;c:\elsawin\bin\LcSvrAdm.exe [6.12.2011 16:10 240640]
R2 LcSvrDba;ELSA DBA Server;c:\elsawin\bin\LcSvrDba.exe [6.12.2011 16:03 392704]
R2 LcSvrHis;ELSA Historie Server;c:\elsawin\bin\LcSvrHis.exe [6.12.2011 16:08 335360]
R2 LcSvrPAS;ELSA PASS Server;c:\elsawin\bin\LcSvrPas.exe [6.12.2011 16:04 477696]
R2 LcSvrSaz;ELSA APOSpro Server;c:\elsawin\bin\LcSvrSaz.exe [6.12.2011 16:08 373248]
R2 NSHE;Guardant Emulator Driver;c:\windows\system32\drivers\NSHE.SYS [28.9.2012 16:06 97792]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [9.7.2012 21:28 100368]
R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.sys [18.3.2010 19:39 99416]
R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.sys [18.3.2010 19:39 555096]
R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.sys [18.3.2010 19:39 566360]
R3 LcSvrAuf;ELSA Auftragsverwaltungs Service;c:\elsawin\bin\LcSvrAuf.exe [6.12.2011 16:07 1321472]
R3 PhTVTune;Philips TDA8275 Silicon TV Tuner;c:\windows\system32\drivers\phtvtune.sys [29.9.2012 19:02 19904]
S2 OMSCAN;OMSCAN;\Sysa --> \Sysa [?]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [18.3.2010 19:39 99416]
S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [18.3.2010 19:39 555096]
S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys [18.3.2010 19:39 100952]
S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [18.3.2010 19:39 100952]
S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [18.3.2010 19:39 566360]
S3 FlyPCI;FlyPCI;c:\windows\system32\drivers\FlyPCI.sys [29.9.2012 19:29 4134]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [4.10.2012 21:02 155320]
S4 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [9.7.2012 21:54 79360]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.sk/
uInternet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\007\Data aplikací\Mozilla\Firefox\Profiles\5wo9xk4b.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: !HIDDEN! 2012-07-14 14:07; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: extentions.y2layers.installId - c2314157-d6a8-4fe2-b6f5-dbf99cdf2565
FF - user.js: extentions.y2layers.defaultEnableAppsList - bestvideodownloader,ezLooker,pagerage,buzzdock,toprelatedtopics,twittube,YontooNewOffers
FF - user.js: extensions.autoDisableScopes - 14
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{E84D27E3-D607-5985-9C5A-9B6763600BD3} - (no file)
AddRemove-eTECH - c:\program files\eTECH\Uninstall_eTECH\Uninstall eTECH.exe
AddRemove-Hardlock Device Drivers - c:\windows\system32\UNWISE.EXE
AddRemove-MOBAC LC-JNX PLUS - C:\MOBAC-Uninstal.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-28 13:15
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
C:\PROTOKOL
C:\SKRYTY
C:\VLRQVDFN
c:\documents and settings\007\Data aplikací\Mozilla\Firefox\Profiles\5wo9xk4b.default\foxtab\data\topSites.json 1391 bytes
c:\documents and settings\007\Data aplikací\Nokia Suite\Nokia Connector
c:\documents and settings\007\Data aplikací\Nokia Suite\Nokia Connector\1033
c:\documents and settings\007\Data aplikací\Nokia Suite\Nokia Connector\1033\352417053480364
c:\documents and settings\007\Data aplikací\Nokia Suite\Nokia Connector\1033\352417053480364\tblinfo.xml 32577 bytes
c:\documents and settings\007\Data aplikací\Nokia Suite\Nokia Connector\NokiaConnector.log 87 bytes
.
sken byl úspešně dokončen
skryté soubory: 9
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\OMSCAN]
"ImagePath"="\Sys"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(696)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(2788)
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
Celkový čas: 2012-10-28 13:16:01
ComboFix-quarantined-files.txt 2012-10-28 12:15
.
Před spuštěním: Volných bajtů: 220 912 877 568
Po spuštění: Volných bajtů: 220 906 745 856
.
- - End Of File - - 84E9EE850550AE2789E1AB488E86BF73

stell
VIP in memoriam
Posts: 5175
Registered: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: Please check my log

#25 Post by stell »

Well, I don't like the look of it.
Also run ESET Online Scanner.
http://www.eset.cz/cz/domacnosti/produk ... e-scanner/
Then post the log here, showing whether it found anything.

lavega
Visitor
Posts: 63
Registered: 28 Oct 2012 09:07

Re: Please check my log

#26 Post by lavega »

The online scanner is still running... it has been at 99% for 20 minutes already...

stell
VIP in memoriam
Posts: 5175
Registered: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: Please check my log

#27 Post by stell »

Just hang in there,

lavega
Visitor
Posts: 63
Registered: 28 Oct 2012 09:07

Re: Please check my log

#28 Post by lavega »

I left it running overnight and it found this:

C:\Program Files\Rockstar Games\Max Payne 3\gsrld.dll varianta infiltrace Win32/Packed.VMProtect.AAH trojský kůň
C:\Program Files\Rockstar Games\Max Payne 3\mp3c.dll varianta infiltrace Win32/Adware.Virtumonde.NAQ aplikace
C:\System Volume Information\_restore{D7733F0D-9ADA-4243-8E37-EB1BFF624444}\RP17\A0004439.dll varianta infiltrace Win32/Packed.VMProtect.AAH trojský kůň
C:\System Volume Information\_restore{D7733F0D-9ADA-4243-8E37-EB1BFF624444}\RP17\A0004460.dll varianta infiltrace Win32/Packed.VMProtect.AAH trojský kůň
C:\System Volume Information\_restore{D7733F0D-9ADA-4243-8E37-EB1BFF624444}\RP17\A0004464.dll varianta infiltrace Win32/Packed.VMProtect.AAH trojský kůň
C:\System Volume Information\_restore{D7733F0D-9ADA-4243-8E37-EB1BFF624444}\RP17\A0004466.dll varianta infiltrace Win32/Adware.Virtumonde.NAQ aplikace
C:\System Volume Information\_restore{D7733F0D-9ADA-4243-8E37-EB1BFF624444}\RP19\A0005551.exe Win32/Adware.1ClickDownload.G aplikace
C:\System Volume Information\_restore{D7733F0D-9ADA-4243-8E37-EB1BFF624444}\RP50\A0013437.dll varianta infiltrace Win32/Adware.Yontoo.B aplikace
C:\System Volume Information\_restore{D7733F0D-9ADA-4243-8E37-EB1BFF624444}\RP50\A0013438.dll varianta infiltrace Win32/Adware.Yontoo.A aplikace
C:\System Volume Information\_restore{D7733F0D-9ADA-4243-8E37-EB1BFF624444}\RP65\A0018107.exe varianta infiltrace Win32/Adware.RK.AE aplikace
C:\System Volume Information\_restore{D7733F0D-9ADA-4243-8E37-EB1BFF624444}\RP65\A0018108.exe varianta infiltrace Win32/Adware.RK aplikace
C:\System Volume Information\_restore{D7733F0D-9ADA-4243-8E37-EB1BFF624444}\RP81\A0023031.dll pravděpodobně varianta infiltrace Win32/Adware.RK aplikace
C:\System Volume Information\_restore{D7733F0D-9ADA-4243-8E37-EB1BFF624444}\RP81\A0023033.exe varianta infiltrace Win32/Adware.RK aplikace
C:\System Volume Information\_restore{D7733F0D-9ADA-4243-8E37-EB1BFF624444}\RP81\A0023034.exe varianta infiltrace Win32/Adware.RK.AE aplikace
E:\! BACK_UP\Turistika GEOCHACING\Ozi mapy soft\Ozi Nove\OZI EXPLORER 3D 1.07 beta\ozi3d107b_patch.EXE pravděpodobně varianta infiltrace Win32/Agent.JNXMSHC trojský kůň
E:\! MONIKA\Underclass Hero\Pictures.exe pravděpodobně varianta infiltrace Win32/IRCBot.YVWFF trojský kůň

stell
VIP in memoriam
Posts: 5175
Registered: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: Please check my log

#29 Post by stell »

OK, turn off System Restore, restart, and turn it back on.
If you did not let ESET delete the programs it found, delete them manually.

Rename the ComboFix icon to uninstall and run it; ComboFix will uninstall itself from the computer.
If you have no problems with the PC, that is all.

lavega
Visitor
Posts: 63
Registered: 28 Oct 2012 09:07

Re: Please check my log

#30 Post by lavega »

I'm at work right now, so I'll do it this evening.
The problem with the PC was that the disk was constantly working, even when all programs were closed.
Thanks for now.

Locked