Prosím o kontrolu logu

[Márty84]

OK, jen jsem se ptal, jestli treba RK nema problem s timto.


Najdete tento soubor C:\Program Files\trend micro\Red.exe a spustte ho.
Kliknete na Main menu a na Do a system scan only
U techto radku dejte vlevo zatrzitko

Kód: Vybrat vše

R3 - URLSearchHook: (no name) - - (no file)
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

Kliknete na nápis Fix checked a potvrdte



Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe , ulozte nejlepe na plochu a spustte.
Do leveho okna zkopirujte tento skript (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]

:services
MpKsl81454cf2
JavaQuickStarterService

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\OptimizerProUpdaterTask{E6C1A2DF-49C8-4BF9-8108-DA81B50B8B26}.job

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

Kliknete na MoveIt a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu sem dejte log, ktery na vas vyskoci, nebo bude zde C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)



Nainstalujte zase nejaky antivir

[red]

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: All Users

User: NetworkService
->Temp folder emptied: 34263884 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Red
->Temp folder emptied: 11372921 bytes
->Temporary Internet Files folder emptied: 7390114 bytes
->Java cache emptied: 2411850 bytes
->FireFox cache emptied: 87864429 bytes
->Flash cache emptied: 695 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 36381803 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 30542700 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 16034447 bytes

Total Files Cleaned = 216,00 mb


[EMPTYFLASH]

User: Default User

User: All Users

User: NetworkService

User: LocalService

User: Administrator

User: Red
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== SERVICES/DRIVERS ==========
Service MpKsl81454cf2 stopped successfully!
Service MpKsl81454cf2 deleted successfully!
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\MP Scheduled Scan.job moved successfully.
C:\WINDOWS\tasks\OptimizerProUpdaterTask{E6C1A2DF-49C8-4BF9-8108-DA81B50B8B26}.job moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 02092013_170207

Files moved on Reboot...

Registry entries deleted on Reboot...

[Márty84]

Znovu spustte RogueKiller (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.

[red]

Oboje jsem udělal, ale ani v jednom případě se mi nevygenerovala zprava - texťák byl prázdný...

[red]

Tak aspoň jeden ...

RogueKiller V8.5.0 [Feb 9 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Red [Práva správce]
Mód : Kontrola -- Datum : 02/09/2013 18:13:36
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤
[Faked.Drv][FILE] wmilib.sys : C:\WINDOWS\system32\drivers\wmilib.sys --> NALEZENO
[Faked.Drv][FILE] diskdump.sys : C:\WINDOWS\system32\drivers\diskdump.sys --> NALEZENO
[Faked.Drv][FILE] dmload.sys : C:\WINDOWS\system32\drivers\dmload.sys --> NALEZENO
[Faked.Drv][FILE] ftdisk.sys : C:\WINDOWS\system32\drivers\ftdisk.sys --> NALEZENO
[Faked.Drv][FILE] kmixer.sys : C:\WINDOWS\system32\drivers\kmixer.sys --> NALEZENO
[Faked.Drv][FILE] modem.sys : C:\WINDOWS\system32\drivers\modem.sys --> NALEZENO
[Faked.Drv][FILE] mountmgr.sys : C:\WINDOWS\system32\drivers\mountmgr.sys --> NALEZENO
[Faked.Drv][FILE] tape.sys : C:\WINDOWS\system32\drivers\tape.sys --> NALEZENO
[Faked.Drv][FILE] hxxp.sys : C:\WINDOWS\system32\drivers\hxxp.sys --> NALEZENO
[Faked.Drv][FILE] nic1394.sys : C:\WINDOWS\system32\drivers\nic1394.sys --> NALEZENO
[Faked.Drv][FILE] parport.sys : C:\WINDOWS\system32\drivers\parport.sys --> NALEZENO
[Faked.Drv][FILE] uagp35.sys : C:\WINDOWS\system32\drivers\uagp35.sys --> NALEZENO
[Faked.Drv][FILE] bthport.sys : C:\WINDOWS\system32\drivers\bthport.sys --> NALEZENO
[Faked.Drv][FILE] dxg.sys : C:\WINDOWS\system32\drivers\dxg.sys --> NALEZENO
[Faked.Drv][FILE] rndismp.sys : C:\WINDOWS\system32\drivers\rndismp.sys --> NALEZENO
[Faked.Drv][FILE] ndisip.sys : C:\WINDOWS\system32\drivers\ndisip.sys --> NALEZENO
[Faked.Drv][FILE] psched.sys : C:\WINDOWS\system32\drivers\psched.sys --> NALEZENO
[Faked.Drv][FILE] msdv.sys : C:\WINDOWS\system32\drivers\msdv.sys --> NALEZENO
[Faked.Drv][FILE] ptilink.sys : C:\WINDOWS\system32\drivers\ptilink.sys --> NALEZENO
[Faked.Drv][FILE] raspti.sys : C:\WINDOWS\system32\drivers\raspti.sys --> NALEZENO
[Faked.Drv][FILE] udfs.sys : C:\WINDOWS\system32\drivers\udfs.sys --> NALEZENO
[Faked.Drv][FILE] ndiswan.sys : C:\WINDOWS\system32\drivers\ndiswan.sys --> NALEZENO
[Faked.Drv][FILE] cdaudio.sys : C:\WINDOWS\system32\drivers\cdaudio.sys --> NALEZENO
[Faked.Drv][FILE] fs_rec.sys : C:\WINDOWS\system32\drivers\fs_rec.sys --> NALEZENO
[Faked.Drv][FILE] null.sys : C:\WINDOWS\system32\drivers\null.sys --> NALEZENO
[Faked.Drv][FILE] beep.sys : C:\WINDOWS\system32\drivers\beep.sys --> NALEZENO
[Faked.Drv][FILE] rdpcdd.sys : C:\WINDOWS\system32\drivers\rdpcdd.sys --> NALEZENO
[Faked.Drv][FILE] rasacd.sys : C:\WINDOWS\system32\drivers\rasacd.sys --> NALEZENO
[Faked.Drv][FILE] termdd.sys : C:\WINDOWS\system32\drivers\termdd.sys --> NALEZENO
[Faked.Drv][FILE] fdc.sys : C:\WINDOWS\system32\drivers\fdc.sys --> NALEZENO
[Faked.Drv][FILE] dxgthk.sys : C:\WINDOWS\system32\drivers\dxgthk.sys --> NALEZENO
[Faked.Drv][FILE] parvdm.sys : C:\WINDOWS\system32\drivers\parvdm.sys --> NALEZENO
[Faked.Drv][FILE] tdtcp.sys : C:\WINDOWS\system32\drivers\tdtcp.sys --> NALEZENO
[Faked.Drv][FILE] amdk6.sys : C:\WINDOWS\system32\drivers\amdk6.sys --> NALEZENO
[Faked.Drv][FILE] asyncmac.sys : C:\WINDOWS\system32\drivers\asyncmac.sys --> NALEZENO
[Faked.Drv][FILE] atmepvc.sys : C:\WINDOWS\system32\drivers\atmepvc.sys --> NALEZENO
[Faked.Drv][FILE] atmuni.sys : C:\WINDOWS\system32\drivers\atmuni.sys --> NALEZENO
[Faked.Drv][FILE] cbidf2k.sys : C:\WINDOWS\system32\drivers\cbidf2k.sys --> NALEZENO
[Faked.Drv][FILE] cinemst2.sys : C:\WINDOWS\system32\drivers\cinemst2.sys --> NALEZENO
[Faked.Drv][FILE] cpqdap01.sys : C:\WINDOWS\system32\drivers\cpqdap01.sys --> NALEZENO
[Faked.Drv][FILE] disk.sys : C:\WINDOWS\system32\drivers\disk.sys --> NALEZENO
[Faked.Drv][FILE] dxapi.sys : C:\WINDOWS\system32\drivers\dxapi.sys --> NALEZENO
[Faked.Drv][FILE] imapi.sys : C:\WINDOWS\system32\drivers\imapi.sys --> NALEZENO
[Faked.Drv][FILE] mcd.sys : C:\WINDOWS\system32\drivers\mcd.sys --> NALEZENO
[Faked.Drv][FILE] sr.sys : C:\WINDOWS\system32\drivers\sr.sys --> NALEZENO
[Faked.Drv][FILE] nikedrv.sys : C:\WINDOWS\system32\drivers\nikedrv.sys --> NALEZENO
[Faked.Drv][FILE] nwlnkflt.sys : C:\WINDOWS\system32\drivers\nwlnkflt.sys --> NALEZENO
[Faked.Drv][FILE] nwlnkfwd.sys : C:\WINDOWS\system32\drivers\nwlnkfwd.sys --> NALEZENO
[Faked.Drv][FILE] nscirda.sys : C:\WINDOWS\system32\drivers\nscirda.sys --> NALEZENO
[Faked.Drv][FILE] rawwan.sys : C:\WINDOWS\system32\drivers\rawwan.sys --> NALEZENO
[Faked.Drv][FILE] rio8drv.sys : C:\WINDOWS\system32\drivers\rio8drv.sys --> NALEZENO
[Faked.Drv][FILE] riodrv.sys : C:\WINDOWS\system32\drivers\riodrv.sys --> NALEZENO
[Faked.Drv][FILE] tdpipe.sys : C:\WINDOWS\system32\drivers\tdpipe.sys --> NALEZENO
[Faked.Drv][FILE] RMCast.sys : C:\WINDOWS\system32\drivers\RMCast.sys --> NALEZENO
[Faked.Drv][FILE] mrxsmb.sys : C:\WINDOWS\system32\drivers\mrxsmb.sys --> NALEZENO
[Faked.Drv][FILE] rootmdm.sys : C:\WINDOWS\system32\drivers\rootmdm.sys --> NALEZENO
[Faked.Drv][FILE] smclib.sys : C:\WINDOWS\system32\drivers\smclib.sys --> NALEZENO
[Faked.Drv][FILE] tsbvcap.sys : C:\WINDOWS\system32\drivers\tsbvcap.sys --> NALEZENO
[Faked.Drv][FILE] tdi.sys : C:\WINDOWS\system32\drivers\tdi.sys --> NALEZENO
[Faked.Drv][FILE] usb8023.sys : C:\WINDOWS\system32\drivers\usb8023.sys --> NALEZENO
[Faked.Drv][FILE] usbcamd.sys : C:\WINDOWS\system32\drivers\usbcamd.sys --> NALEZENO
[Faked.Drv][FILE] ws2ifsl.sys : C:\WINDOWS\system32\drivers\ws2ifsl.sys --> NALEZENO
[Faked.Drv][FILE] tcpip.sys : C:\WINDOWS\system32\drivers\tcpip.sys --> NALEZENO
[Faked.Drv][FILE] mnmdd.sys : C:\WINDOWS\system32\drivers\mnmdd.sys --> NALEZENO
[Faked.Drv][FILE] fsvga.sys : C:\WINDOWS\system32\drivers\fsvga.sys --> NALEZENO
[Faked.Drv][FILE] mqac.sys : C:\WINDOWS\system32\drivers\mqac.sys --> NALEZENO
[Faked.Drv][FILE] acpiec.sys : C:\WINDOWS\system32\drivers\acpiec.sys --> NALEZENO
[Faked.Drv][FILE] oprghdlr.sys : C:\WINDOWS\system32\drivers\oprghdlr.sys --> NALEZENO
[Faked.Drv][FILE] sysaudio.sys : C:\WINDOWS\system32\drivers\sysaudio.sys --> NALEZENO
[Faked.Drv][FILE] flpydisk.sys : C:\WINDOWS\system32\drivers\flpydisk.sys --> NALEZENO
[Faked.Drv][FILE] usbd.sys : C:\WINDOWS\system32\drivers\usbd.sys --> NALEZENO
[Faked.Drv][FILE] swmidi.sys : C:\WINDOWS\system32\drivers\swmidi.sys --> NALEZENO
[Faked.Drv][FILE] compbatt.sys : C:\WINDOWS\system32\drivers\compbatt.sys --> NALEZENO
[Faked.Drv][FILE] cdfs.sys : C:\WINDOWS\system32\drivers\cdfs.sys --> NALEZENO
[Faked.Drv][FILE] streamip.sys : C:\WINDOWS\system32\drivers\streamip.sys --> NALEZENO
[Faked.Drv][FILE] ssudbus.sys : C:\WINDOWS\system32\drivers\ssudbus.sys --> NALEZENO
[Faked.Drv][FILE] btaudio.sys : C:\WINDOWS\system32\drivers\btaudio.sys --> NALEZENO
[Faked.Drv][FILE] raspppoe.sys : C:\WINDOWS\system32\drivers\raspppoe.sys --> NALEZENO
[Faked.Drv][FILE] mspqm.sys : C:\WINDOWS\system32\drivers\mspqm.sys --> NALEZENO
[Faked.Drv][FILE] ndisuio.sys : C:\WINDOWS\system32\drivers\ndisuio.sys --> NALEZENO
[Faked.Drv][FILE] nwlnkipx.sys : C:\WINDOWS\system32\drivers\nwlnkipx.sys --> NALEZENO
[Faked.Drv][FILE] srv.sys : C:\WINDOWS\system32\drivers\srv.sys --> NALEZENO
[Faked.Drv][FILE] mrxdav.sys : C:\WINDOWS\system32\drivers\mrxdav.sys --> NALEZENO
[Faked.Drv][FILE] secdrv.sys : C:\WINDOWS\system32\drivers\secdrv.sys --> NALEZENO
[Faked.Drv][FILE] ohci1394.sys : C:\WINDOWS\system32\drivers\ohci1394.sys --> NALEZENO
[Faked.Drv][FILE] ccdecode.sys : C:\WINDOWS\system32\drivers\ccdecode.sys --> NALEZENO
[Faked.Drv][FILE] processr.sys : C:\WINDOWS\system32\drivers\processr.sys --> NALEZENO
[Faked.Drv][FILE] ssudmdm.sys : C:\WINDOWS\system32\drivers\ssudmdm.sys --> NALEZENO
[Faked.Drv][FILE] splitter.sys : C:\WINDOWS\system32\drivers\splitter.sys --> NALEZENO
[Faked.Drv][FILE] fastfat.sys : C:\WINDOWS\system32\drivers\fastfat.sys --> NALEZENO
[Faked.Drv][FILE] serenum.sys : C:\WINDOWS\system32\drivers\serenum.sys --> NALEZENO
[Faked.Drv][FILE] sonydcam.sys : C:\WINDOWS\system32\drivers\sonydcam.sys --> NALEZENO
[Faked.Drv][FILE] ipinip.sys : C:\WINDOWS\system32\drivers\ipinip.sys --> NALEZENO
[Faked.Drv][FILE] slip.sys : C:\WINDOWS\system32\drivers\slip.sys --> NALEZENO
[Faked.Drv][FILE] stream.sys : C:\WINDOWS\system32\drivers\stream.sys --> NALEZENO
[Faked.Drv][FILE] hidusb.sys : C:\WINDOWS\system32\drivers\hidusb.sys --> NALEZENO
[Faked.Drv][FILE] drmkaud.sys : C:\WINDOWS\system32\drivers\drmkaud.sys --> NALEZENO
[Faked.Drv][FILE] ks.sys : C:\WINDOWS\system32\drivers\ks.sys --> NALEZENO
[Faked.Drv][FILE] acpi.sys : C:\WINDOWS\system32\drivers\acpi.sys --> NALEZENO
[Faked.Drv][FILE] ndis.sys : C:\WINDOWS\system32\drivers\ndis.sys --> NALEZENO
[Faked.Drv][FILE] crusoe.sys : C:\WINDOWS\system32\drivers\crusoe.sys --> NALEZENO
[Faked.Drv][FILE] pcmcia.sys : C:\WINDOWS\system32\drivers\pcmcia.sys --> NALEZENO
[Faked.Drv][FILE] aec.sys : C:\WINDOWS\system32\drivers\aec.sys --> NALEZENO
[Faked.Drv][FILE] alim1541.sys : C:\WINDOWS\system32\drivers\alim1541.sys --> NALEZENO
[Faked.Drv][FILE] tcpip6.sys : C:\WINDOWS\system32\drivers\tcpip6.sys --> NALEZENO
[Faked.Drv][FILE] atapi.sys : C:\WINDOWS\system32\drivers\atapi.sys --> NALEZENO
[Faked.Drv][FILE] battc.sys : C:\WINDOWS\system32\drivers\battc.sys --> NALEZENO
[Faked.Drv][FILE] bridge.sys : C:\WINDOWS\system32\drivers\bridge.sys --> NALEZENO
[Faked.Drv][FILE] cdrom.sys : C:\WINDOWS\system32\drivers\cdrom.sys --> NALEZENO
[Faked.Drv][FILE] intelide.sys : C:\WINDOWS\system32\drivers\intelide.sys --> NALEZENO
[Faked.Drv][FILE] watv10nt.sys : C:\WINDOWS\system32\drivers\watv10nt.sys --> NALEZENO
[Faked.Drv][FILE] netbios.sys : C:\WINDOWS\system32\drivers\netbios.sys --> NALEZENO
[Faked.Drv][FILE] netbt.sys : C:\WINDOWS\system32\drivers\netbt.sys --> NALEZENO
[Faked.Drv][FILE] npfs.sys : C:\WINDOWS\system32\drivers\npfs.sys --> NALEZENO
[Faked.Drv][FILE] wstcodec.sys : C:\WINDOWS\system32\drivers\wstcodec.sys --> NALEZENO
[Faked.Drv][FILE] sfloppy.sys : C:\WINDOWS\system32\drivers\sfloppy.sys --> NALEZENO
[Faked.Drv][FILE] redbook.sys : C:\WINDOWS\system32\drivers\redbook.sys --> NALEZENO
[Faked.Drv][FILE] scsiport.sys : C:\WINDOWS\system32\drivers\scsiport.sys --> NALEZENO
[Faked.Drv][FILE] serial.sys : C:\WINDOWS\system32\drivers\serial.sys --> NALEZENO
[Faked.Drv][FILE] rdpdr.sys : C:\WINDOWS\system32\drivers\rdpdr.sys --> NALEZENO
[Faked.Drv][FILE] rdbss.sys : C:\WINDOWS\system32\drivers\rdbss.sys --> NALEZENO
[Faked.Drv][FILE] raspptp.sys : C:\WINDOWS\system32\drivers\raspptp.sys --> NALEZENO
[Faked.Drv][FILE] sisagp.sys : C:\WINDOWS\system32\drivers\sisagp.sys --> NALEZENO
[Faked.Drv][FILE] rasl2tp.sys : C:\WINDOWS\system32\drivers\rasl2tp.sys --> NALEZENO
[Faked.Drv][FILE] pciidex.sys : C:\WINDOWS\system32\drivers\pciidex.sys --> NALEZENO
[Faked.Drv][FILE] hidclass.sys : C:\WINDOWS\system32\drivers\hidclass.sys --> NALEZENO
[Faked.Drv][FILE] ntfs.sys : C:\WINDOWS\system32\drivers\ntfs.sys --> NALEZENO
[Faked.Drv][FILE] irbus.sys : C:\WINDOWS\system32\drivers\irbus.sys --> NALEZENO
[Faked.Drv][FILE] wacompen.sys : C:\WINDOWS\system32\drivers\wacompen.sys --> NALEZENO
[Faked.Drv][FILE] pci.sys : C:\WINDOWS\system32\drivers\pci.sys --> NALEZENO
[Faked.Drv][FILE] partmgr.sys : C:\WINDOWS\system32\drivers\partmgr.sys --> NALEZENO
[Faked.Drv][FILE] fips.sys : C:\WINDOWS\system32\drivers\fips.sys --> NALEZENO
[Faked.Drv][FILE] p3.sys : C:\WINDOWS\system32\drivers\p3.sys --> NALEZENO
[Faked.Drv][FILE] nmnt.sys : C:\WINDOWS\system32\drivers\nmnt.sys --> NALEZENO
[Faked.Drv][FILE] nabtsfec.sys : C:\WINDOWS\system32\drivers\nabtsfec.sys --> NALEZENO
[Faked.Drv][FILE] mf.sys : C:\WINDOWS\system32\drivers\mf.sys --> NALEZENO
[Faked.Drv][FILE] irda.sys : C:\WINDOWS\system32\drivers\irda.sys --> NALEZENO
[Faked.Drv][FILE] mstee.sys : C:\WINDOWS\system32\drivers\mstee.sys --> NALEZENO
[Faked.Drv][FILE] ipsec.sys : C:\WINDOWS\system32\drivers\ipsec.sys --> NALEZENO
[Faked.Drv][FILE] mspclock.sys : C:\WINDOWS\system32\drivers\mspclock.sys --> NALEZENO
[Faked.Drv][FILE] mskssrv.sys : C:\WINDOWS\system32\drivers\mskssrv.sys --> NALEZENO
[Faked.Drv][FILE] msgpc.sys : C:\WINDOWS\system32\drivers\msgpc.sys --> NALEZENO
[Faked.Drv][FILE] CmBatt.sys : C:\WINDOWS\system32\drivers\CmBatt.sys --> NALEZENO
[Faked.Drv][FILE] msfs.sys : C:\WINDOWS\system32\drivers\msfs.sys --> NALEZENO
[Faked.Drv][FILE] pccsmcfd.sys : C:\WINDOWS\system32\drivers\pccsmcfd.sys --> NALEZENO
[Faked.Drv][FILE] atmlane.sys : C:\WINDOWS\system32\drivers\atmlane.sys --> NALEZENO
[Faked.Drv][FILE] mpe.sys : C:\WINDOWS\system32\drivers\mpe.sys --> NALEZENO
[Faked.Drv][FILE] mouclass.sys : C:\WINDOWS\system32\drivers\mouclass.sys --> NALEZENO
[Faked.Drv][FILE] classpnp.sys : C:\WINDOWS\system32\drivers\classpnp.sys --> NALEZENO
[Faked.Drv][FILE] kbdclass.sys : C:\WINDOWS\system32\drivers\kbdclass.sys --> NALEZENO
[Faked.Drv][FILE] isapnp.sys : C:\WINDOWS\system32\drivers\isapnp.sys --> NALEZENO
[Faked.Drv][FILE] i8042prt.sys : C:\WINDOWS\system32\drivers\i8042prt.sys --> NALEZENO
[Faked.Drv][FILE] ipnat.sys : C:\WINDOWS\system32\drivers\ipnat.sys --> NALEZENO
[Faked.Drv][FILE] dmio.sys : C:\WINDOWS\system32\drivers\dmio.sys --> NALEZENO
[Faked.Drv][FILE] enum1394.sys : C:\WINDOWS\system32\drivers\enum1394.sys --> NALEZENO
[Faked.Drv][FILE] bthpan.sys : C:\WINDOWS\system32\drivers\bthpan.sys --> NALEZENO
[Faked.Drv][FILE] wdmaud.sys : C:\WINDOWS\system32\drivers\wdmaud.sys --> NALEZENO
[Faked.Drv][FILE] portcls.sys : C:\WINDOWS\system32\drivers\portcls.sys --> NALEZENO
[Faked.Drv][FILE] dmboot.sys : C:\WINDOWS\system32\drivers\dmboot.sys --> NALEZENO
[Faked.Drv][FILE] DMusic.sys : C:\WINDOWS\system32\drivers\DMusic.sys --> NALEZENO
[Faked.Drv][FILE] bdasup.sys : C:\WINDOWS\system32\drivers\bdasup.sys --> NALEZENO
[Faked.Drv][FILE] atmarpc.sys : C:\WINDOWS\system32\drivers\atmarpc.sys --> NALEZENO
[Faked.Drv][FILE] rasirda.sys : C:\WINDOWS\system32\drivers\rasirda.sys --> NALEZENO
[Faked.Drv][FILE] arp1394.sys : C:\WINDOWS\system32\drivers\arp1394.sys --> NALEZENO
[Faked.Drv][FILE] 1394bus.sys : C:\WINDOWS\system32\drivers\1394bus.sys --> NALEZENO
[Faked.Drv][FILE] watv06nt.sys : C:\WINDOWS\system32\drivers\watv06nt.sys --> NALEZENO
[Faked.Drv][FILE] wadv11nt.sys : C:\WINDOWS\system32\drivers\wadv11nt.sys --> NALEZENO
[Faked.Drv][FILE] wadv09nt.sys : C:\WINDOWS\system32\drivers\wadv09nt.sys --> NALEZENO
[Faked.Drv][FILE] audstub.sys : C:\WINDOWS\system32\drivers\audstub.sys --> NALEZENO
[Faked.Drv][FILE] wadv08nt.sys : C:\WINDOWS\system32\drivers\wadv08nt.sys --> NALEZENO
[Faked.Drv][FILE] wadv07nt.sys : C:\WINDOWS\system32\drivers\wadv07nt.sys --> NALEZENO
[Faked.Drv][FILE] viaagp.sys : C:\WINDOWS\system32\drivers\viaagp.sys --> NALEZENO
[Faked.Drv][FILE] usbvideo.sys : C:\WINDOWS\system32\drivers\usbvideo.sys --> NALEZENO
[Faked.Drv][FILE] usbehci.sys : C:\WINDOWS\system32\drivers\usbehci.sys --> NALEZENO
[Faked.Drv][FILE] usb8023x.sys : C:\WINDOWS\system32\drivers\usb8023x.sys --> NALEZENO
[Faked.Drv][FILE] update.sys : C:\WINDOWS\system32\drivers\update.sys --> NALEZENO
[Faked.Drv][FILE] tunmp.sys : C:\WINDOWS\system32\drivers\tunmp.sys --> NALEZENO
[Faked.Drv][FILE] smbali.sys : C:\WINDOWS\system32\drivers\smbali.sys --> NALEZENO
[Faked.Drv][FILE] slwdmsup.sys : C:\WINDOWS\system32\drivers\slwdmsup.sys --> NALEZENO
[Faked.Drv][FILE] slnthal.sys : C:\WINDOWS\system32\drivers\slnthal.sys --> NALEZENO
[Faked.Drv][FILE] slntamr.sys : C:\WINDOWS\system32\drivers\slntamr.sys --> NALEZENO
[Faked.Drv][FILE] slnt7554.sys : C:\WINDOWS\system32\drivers\slnt7554.sys --> NALEZENO
[Faked.Drv][FILE] sffp_sd.sys : C:\WINDOWS\system32\drivers\sffp_sd.sys --> NALEZENO
[Faked.Drv][FILE] sffp_mmc.sys : C:\WINDOWS\system32\drivers\sffp_mmc.sys --> NALEZENO
[Faked.Drv][FILE] sdbus.sys : C:\WINDOWS\system32\drivers\sdbus.sys --> NALEZENO
[Faked.Drv][FILE] rndismpx.sys : C:\WINDOWS\system32\drivers\rndismpx.sys --> NALEZENO
[Faked.Drv][FILE] s3gnbm.sys : C:\WINDOWS\system32\drivers\s3gnbm.sys --> NALEZENO
[Faked.Drv][FILE] rfcomm.sys : C:\WINDOWS\system32\drivers\rfcomm.sys --> NALEZENO
[Faked.Drv][FILE] mutohpen.sys : C:\WINDOWS\system32\drivers\mutohpen.sys --> NALEZENO
[Faked.Drv][FILE] recagent.sys : C:\WINDOWS\system32\drivers\recagent.sys --> NALEZENO
[Faked.Drv][FILE] nv4_mini.sys : C:\WINDOWS\system32\drivers\nv4_mini.sys --> NALEZENO
[Faked.Drv][FILE] ntmtlfax.sys : C:\WINDOWS\system32\drivers\ntmtlfax.sys --> NALEZENO
[Faked.Drv][FILE] mssmbios.sys : C:\WINDOWS\system32\drivers\mssmbios.sys --> NALEZENO
[Faked.Drv][FILE] mtxparhm.sys : C:\WINDOWS\system32\drivers\mtxparhm.sys --> NALEZENO
[Faked.Drv][FILE] mtlstrm.sys : C:\WINDOWS\system32\drivers\mtlstrm.sys --> NALEZENO
[Faked.Drv][FILE] mtlmnt5.sys : C:\WINDOWS\system32\drivers\mtlmnt5.sys --> NALEZENO
[Faked.Drv][FILE] ip6fw.sys : C:\WINDOWS\system32\drivers\ip6fw.sys --> NALEZENO
[Faked.Drv][FILE] mdmxsdk.sys : C:\WINDOWS\system32\drivers\mdmxsdk.sys --> NALEZENO
[Faked.Drv][FILE] intelppm.sys : C:\WINDOWS\system32\drivers\intelppm.sys --> NALEZENO
[Faked.Drv][FILE] ndproxy.sys : C:\WINDOWS\system32\drivers\ndproxy.sys --> NALEZENO
[Faked.Drv][FILE] hidir.sys : C:\WINDOWS\system32\drivers\hidir.sys --> NALEZENO
[Faked.Drv][FILE] hsfdpsp2.sys : C:\WINDOWS\system32\drivers\hsfdpsp2.sys --> NALEZENO
[Faked.Drv][FILE] hsfcxts2.sys : C:\WINDOWS\system32\drivers\hsfcxts2.sys --> NALEZENO
[Faked.Drv][FILE] hsfbs2s2.sys : C:\WINDOWS\system32\drivers\hsfbs2s2.sys --> NALEZENO
[Faked.Drv][FILE] hidbth.sys : C:\WINDOWS\system32\drivers\hidbth.sys --> NALEZENO
[Faked.Drv][FILE] hdaudbus.sys : C:\WINDOWS\system32\drivers\hdaudbus.sys --> NALEZENO
[Faked.Drv][FILE] fltmgr.sys : C:\WINDOWS\system32\drivers\fltmgr.sys --> NALEZENO
[Faked.Drv][FILE] bthusb.sys : C:\WINDOWS\system32\drivers\bthusb.sys --> NALEZENO
[Faked.Drv][FILE] bthprint.sys : C:\WINDOWS\system32\drivers\bthprint.sys --> NALEZENO
[Faked.Drv][FILE] mup.sys : C:\WINDOWS\system32\drivers\mup.sys --> NALEZENO
[Faked.Drv][FILE] wanarp.sys : C:\WINDOWS\system32\drivers\wanarp.sys --> NALEZENO
[Faked.Drv][FILE] bthmodem.sys : C:\WINDOWS\system32\drivers\bthmodem.sys --> NALEZENO
[Faked.Drv][FILE] bthenum.sys : C:\WINDOWS\system32\drivers\bthenum.sys --> NALEZENO
[Faked.Drv][FILE] amdk7.sys : C:\WINDOWS\system32\drivers\amdk7.sys --> NALEZENO
[Faked.Drv][FILE] atinxsxx.sys : C:\WINDOWS\system32\drivers\atinxsxx.sys --> NALEZENO
[Faked.Drv][FILE] atinxbxx.sys : C:\WINDOWS\system32\drivers\atinxbxx.sys --> NALEZENO
[Faked.Drv][FILE] atintuxx.sys : C:\WINDOWS\system32\drivers\atintuxx.sys --> NALEZENO
[Faked.Drv][FILE] atinttxx.sys : C:\WINDOWS\system32\drivers\atinttxx.sys --> NALEZENO
[Faked.Drv][FILE] atinsnxx.sys : C:\WINDOWS\system32\drivers\atinsnxx.sys --> NALEZENO
[Faked.Drv][FILE] atinrvxx.sys : C:\WINDOWS\system32\drivers\atinrvxx.sys --> NALEZENO
[Faked.Drv][FILE] atinraxx.sys : C:\WINDOWS\system32\drivers\atinraxx.sys --> NALEZENO
[Faked.Drv][FILE] atinpdxx.sys : C:\WINDOWS\system32\drivers\atinpdxx.sys --> NALEZENO
[Faked.Drv][FILE] atinmdxx.sys : C:\WINDOWS\system32\drivers\atinmdxx.sys --> NALEZENO
[Faked.Drv][FILE] atinbtxx.sys : C:\WINDOWS\system32\drivers\atinbtxx.sys --> NALEZENO
[Faked.Drv][FILE] ati2mtaa.sys : C:\WINDOWS\system32\drivers\ati2mtaa.sys --> NALEZENO
[Faked.Drv][FILE] ati1xsxx.sys : C:\WINDOWS\system32\drivers\ati1xsxx.sys --> NALEZENO
[Faked.Drv][FILE] ati1xbxx.sys : C:\WINDOWS\system32\drivers\ati1xbxx.sys --> NALEZENO
[Faked.Drv][FILE] ati2mtag.sys : C:\WINDOWS\system32\drivers\ati2mtag.sys --> NALEZENO
[Faked.Drv][FILE] ati1tuxx.sys : C:\WINDOWS\system32\drivers\ati1tuxx.sys --> NALEZENO
[Faked.Drv][FILE] ati1ttxx.sys : C:\WINDOWS\system32\drivers\ati1ttxx.sys --> NALEZENO
[Faked.Drv][FILE] ati1snxx.sys : C:\WINDOWS\system32\drivers\ati1snxx.sys --> NALEZENO
[Faked.Drv][FILE] ati1rvxx.sys : C:\WINDOWS\system32\drivers\ati1rvxx.sys --> NALEZENO
[Faked.Drv][FILE] ati1raxx.sys : C:\WINDOWS\system32\drivers\ati1raxx.sys --> NALEZENO
[Faked.Drv][FILE] ati1pdxx.sys : C:\WINDOWS\system32\drivers\ati1pdxx.sys --> NALEZENO
[Faked.Drv][FILE] ati1mdxx.sys : C:\WINDOWS\system32\drivers\ati1mdxx.sys --> NALEZENO
[Faked.Drv][FILE] ati1btxx.sys : C:\WINDOWS\system32\drivers\ati1btxx.sys --> NALEZENO
[Faked.Drv][FILE] amdagp.sys : C:\WINDOWS\system32\drivers\amdagp.sys --> NALEZENO
[Faked.Drv][FILE] agpcpq.sys : C:\WINDOWS\system32\drivers\agpcpq.sys --> NALEZENO
[Faked.Drv][FILE] agp440.sys : C:\WINDOWS\system32\drivers\agp440.sys --> NALEZENO
[Faked.Drv][FILE] ALCXWDM.SYS : C:\WINDOWS\system32\drivers\ALCXWDM.SYS --> NALEZENO
[Faked.Drv][FILE] ALCXSENS.SYS : C:\WINDOWS\system32\drivers\ALCXSENS.SYS --> NALEZENO
[Faked.Drv][FILE] nwrdr.sys : C:\WINDOWS\system32\drivers\nwrdr.sys --> NALEZENO
[Faked.Drv][FILE] ksecdd.sys : C:\WINDOWS\system32\drivers\ksecdd.sys --> NALEZENO
[Faked.Drv][FILE] volsnap.sys : C:\WINDOWS\system32\drivers\volsnap.sys --> NALEZENO
[Faked.Drv][FILE] videoprt.sys : C:\WINDOWS\system32\drivers\videoprt.sys --> NALEZENO
[Faked.Drv][FILE] vga.sys : C:\WINDOWS\system32\drivers\vga.sys --> NALEZENO
[Faked.Drv][FILE] usbuhci.sys : C:\WINDOWS\system32\drivers\usbuhci.sys --> NALEZENO
[Faked.Drv][FILE] usbstor.sys : C:\WINDOWS\system32\drivers\usbstor.sys --> NALEZENO
[Faked.Drv][FILE] usbport.sys : C:\WINDOWS\system32\drivers\usbport.sys --> NALEZENO
[Faked.Drv][FILE] usbintel.sys : C:\WINDOWS\system32\drivers\usbintel.sys --> NALEZENO
[Faked.Drv][FILE] usbhub.sys : C:\WINDOWS\system32\drivers\usbhub.sys --> NALEZENO
[Faked.Drv][FILE] usbcamd2.sys : C:\WINDOWS\system32\drivers\usbcamd2.sys --> NALEZENO
[Faked.Drv][FILE] swenum.sys : C:\WINDOWS\system32\drivers\swenum.sys --> NALEZENO
[Faked.Drv][FILE] irenum.sys : C:\WINDOWS\system32\drivers\irenum.sys --> NALEZENO
[Faked.Drv][FILE] hidparse.sys : C:\WINDOWS\system32\drivers\hidparse.sys --> NALEZENO
[Faked.Drv][FILE] drmk.sys : C:\WINDOWS\system32\drivers\drmk.sys --> NALEZENO
[Faked.Drv][FILE] WudfPf.sys : C:\WINDOWS\system32\drivers\WudfPf.sys --> NALEZENO
[Faked.Drv][FILE] sffdisk.sys : C:\WINDOWS\system32\drivers\sffdisk.sys --> NALEZENO
[Faked.Drv][FILE] gagp30kx.sys : C:\WINDOWS\system32\drivers\gagp30kx.sys --> NALEZENO
[Faked.Drv][FILE] WudfRd.sys : C:\WINDOWS\system32\drivers\WudfRd.sys --> NALEZENO
[Faked.Drv][FILE] wpdusb.sys : C:\WINDOWS\system32\drivers\wpdusb.sys --> NALEZENO
[Faked.Drv][FILE] cdralw2k.sys : C:\WINDOWS\system32\drivers\cdralw2k.sys --> NALEZENO
[Faked.Drv][FILE] dgderdrv.sys : C:\WINDOWS\system32\drivers\dgderdrv.sys --> NALEZENO
[Faked.Drv][FILE] cdr4_xp.sys : C:\WINDOWS\system32\drivers\cdr4_xp.sys --> NALEZENO
[Faked.Drv][FILE] PxHelp20.sys : C:\WINDOWS\system32\drivers\PxHelp20.sys --> NALEZENO
[Faked.Drv][FILE] rdpwd.sys : C:\WINDOWS\system32\drivers\rdpwd.sys --> NALEZENO
[Faked.Drv][FILE] ndistapi.sys : C:\WINDOWS\system32\drivers\ndistapi.sys --> NALEZENO
[Faked.Drv][FILE] wdfldr.sys : C:\WINDOWS\system32\drivers\wdfldr.sys --> NALEZENO
[Faked.Drv][FILE] usbscan.sys : C:\WINDOWS\system32\drivers\usbscan.sys --> NALEZENO
[Faked.Drv][FILE] usbser.sys : C:\WINDOWS\system32\drivers\usbser.sys --> NALEZENO
[Faked.Drv][FILE] AGRSM.sys : C:\WINDOWS\system32\drivers\AGRSM.sys --> NALEZENO
[Faked.Drv][FILE] afd.sys : C:\WINDOWS\system32\drivers\afd.sys --> NALEZENO
[Faked.Drv][FILE] b57xp32.sys : C:\WINDOWS\system32\drivers\b57xp32.sys --> NALEZENO
[Faked.Drv][FILE] w22n51.sys : C:\WINDOWS\system32\drivers\w22n51.sys --> NALEZENO
[Faked.Drv][FILE] SynTP.sys : C:\WINDOWS\system32\drivers\SynTP.sys --> NALEZENO
[Faked.Drv][FILE] DKbFltr.SYS : C:\WINDOWS\system32\drivers\DKbFltr.SYS --> NALEZENO
[Faked.Drv][FILE] o2mmb.sys : C:\WINDOWS\system32\drivers\o2mmb.sys --> NALEZENO
[Faked.Drv][FILE] MbxStby.sys : C:\WINDOWS\system32\drivers\MbxStby.sys --> NALEZENO
[Faked.Drv][FILE] ozscr.sys : C:\WINDOWS\system32\drivers\ozscr.sys --> NALEZENO
[Faked.Drv][FILE] btserial.sys : C:\WINDOWS\system32\drivers\btserial.sys --> NALEZENO
[Faked.Drv][FILE] btslbcsp.sys : C:\WINDOWS\system32\drivers\btslbcsp.sys --> NALEZENO
[Faked.Drv][FILE] btport.sys : C:\WINDOWS\system32\drivers\btport.sys --> NALEZENO
[Faked.Drv][FILE] btwdndis.sys : C:\WINDOWS\system32\drivers\btwdndis.sys --> NALEZENO
[Faked.Drv][FILE] btkrnl.sys : C:\WINDOWS\system32\drivers\btkrnl.sys --> NALEZENO
[Faked.Drv][FILE] bcbthub.sys : C:\WINDOWS\system32\drivers\bcbthub.sys --> NALEZENO
[Faked.Drv][FILE] acernbm.sys : C:\WINDOWS\system32\drivers\acernbm.sys --> NALEZENO
[Faked.Drv][FILE] osadmi.sys : C:\WINDOWS\system32\drivers\osadmi.sys --> NALEZENO
[Faked.Drv][FILE] pciide.sys : C:\WINDOWS\system32\drivers\pciide.sys --> NALEZENO
[Faked.Drv][FILE] btwusb.sys : C:\WINDOWS\system32\drivers\btwusb.sys --> NALEZENO
[Faked.Drv][FILE] frmupgr.sys : C:\WINDOWS\system32\drivers\frmupgr.sys --> NALEZENO
[Faked.Drv][FILE] NTIDrvr.sys : C:\WINDOWS\system32\drivers\NTIDrvr.sys --> NALEZENO
[Faked.Drv][FILE] mouhid.sys : C:\WINDOWS\system32\drivers\mouhid.sys --> NALEZENO
[Faked.Drv][FILE] TrueSight.sys : C:\WINDOWS\system32\drivers\TrueSight.sys --> NALEZENO

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST980815A +++++
--- User ---
[MBR] a602d2312b66591ae5c91667b46bc5f5
[BSP] d29858277df39b66c32464d2ec896679 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 30396 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 62251875 | Size: 45920 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1]_S_02092013_02d1813.txt >>
RKreport[1]_S_02092013_02d1813.txt

[Márty84]

Postupujte podle navodu kolegy

Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

• Kliknete na volbu Change parametrs
• V okne Additional Option zakliknete vsechny moznosti
• Kliknete na OK
• Utilite prikazte, at skenuje - klik na Start Scan
• Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
• Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
• Pokud mate vsude Skip, kliknete na Continue
• Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte

[red]

08:00:03.0083 1164 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
08:00:03.0313 1164 ============================================================
08:00:03.0313 1164 Current date / time: 2013/02/10 08:00:03.0313
08:00:03.0313 1164 SystemInfo:
08:00:03.0313 1164
08:00:03.0313 1164 OS Version: 5.1.2600 ServicePack: 3.0
08:00:03.0313 1164 Product type: Workstation
08:00:03.0313 1164 ComputerName: XACER
08:00:03.0313 1164 UserName: Red
08:00:03.0313 1164 Windows directory: C:\WINDOWS
08:00:03.0313 1164 System windows directory: C:\WINDOWS
08:00:03.0313 1164 Processor architecture: Intel x86
08:00:03.0313 1164 Number of processors: 1
08:00:03.0313 1164 Page size: 0x1000
08:00:03.0313 1164 Boot type: Normal boot
08:00:03.0313 1164 ============================================================
08:00:04.0365 1164 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
08:00:04.0365 1164 ============================================================
08:00:04.0365 1164 \Device\Harddisk0\DR0:
08:00:04.0365 1164 MBR partitions:
08:00:04.0365 1164 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x3B5E324
08:00:04.0385 1164 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xB, StartLBA 0x3B5E3A2, BlocksNum 0x59B011F
08:00:04.0385 1164 ============================================================
08:00:04.0385 1164 C: <-> \Device\Harddisk0\DR0\Partition1
08:00:04.0385 1164 D: <-> \Device\Harddisk0\DR0\Partition2
08:00:04.0395 1164 ============================================================
08:00:04.0395 1164 Initialize success
08:00:04.0395 1164 ============================================================
08:00:29.0311 3624 ============================================================
08:00:29.0311 3624 Scan started
08:00:29.0311 3624 Mode: Manual; SigCheck; TDLFS;
08:00:29.0311 3624 ============================================================
08:00:29.0411 3624 ================ Scan system memory ========================
08:00:29.0411 3624 System memory - ok
08:00:29.0421 3624 ================ Scan services =============================
08:00:29.0641 3624 Abiosdsk - ok
08:00:29.0691 3624 abp480n5 - ok
08:00:29.0761 3624 [ F49DB0425D100CB87CAF333150951142 ] acernbm C:\WINDOWS\system32\drivers\acernbm.sys
08:00:31.0223 3624 acernbm ( UnsignedFile.Multi.Generic ) - warning
08:00:31.0223 3624 acernbm - detected UnsignedFile.Multi.Generic (1)
08:00:31.0304 3624 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
08:00:32.0085 3624 ACPI - ok
08:00:32.0105 3624 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
08:00:32.0315 3624 ACPIEC - ok
08:00:32.0325 3624 adpu160m - ok
08:00:32.0375 3624 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
08:00:32.0545 3624 aec - ok
08:00:32.0585 3624 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
08:00:32.0676 3624 AFD - ok
08:00:32.0746 3624 [ 8C8E48F772644570737D8BF0270D2BFC ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys
08:00:32.0896 3624 AgereSoftModem - ok
08:00:33.0136 3624 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
08:00:33.0467 3624 agp440 - ok
08:00:33.0477 3624 Aha154x - ok
08:00:33.0497 3624 aic78u2 - ok
08:00:33.0517 3624 aic78xx - ok
08:00:33.0557 3624 [ FBBCB95F677CBAA924140B6EA2D9A97B ] ALCXSENS C:\WINDOWS\system32\drivers\ALCXSENS.SYS
08:00:33.0687 3624 ALCXSENS - ok
08:00:33.0727 3624 [ 391344370018A87A6C478AB76C7A47A8 ] ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS
08:00:33.0807 3624 ALCXWDM - ok
08:00:33.0917 3624 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
08:00:34.0078 3624 Alerter - ok
08:00:34.0148 3624 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
08:00:34.0338 3624 ALG - ok
08:00:34.0348 3624 AliIde - ok
08:00:34.0368 3624 amsint - ok
08:00:34.0448 3624 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
08:00:34.0628 3624 AppMgmt - ok
08:00:34.0668 3624 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
08:00:34.0829 3624 Arp1394 - ok
08:00:34.0849 3624 asc - ok
08:00:34.0869 3624 asc3350p - ok
08:00:34.0889 3624 asc3550 - ok
08:00:34.0909 3624 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
08:00:35.0089 3624 AsyncMac - ok
08:00:35.0119 3624 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
08:00:35.0299 3624 atapi - ok
08:00:35.0329 3624 Atdisk - ok
08:00:35.0410 3624 [ 94627116F20D1F1350D2D14470043A60 ] Ati HotKey Poller C:\WINDOWS\System32\Ati2evxx.exe
08:00:35.0480 3624 Ati HotKey Poller - ok
08:00:35.0550 3624 [ 8303B347A02ED4BBF94E5682A6D22619 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
08:00:35.0640 3624 ati2mtag - ok
08:00:35.0670 3624 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
08:00:35.0870 3624 Atmarpc - ok
08:00:35.0950 3624 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
08:00:36.0171 3624 AudioSrv - ok
08:00:36.0201 3624 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
08:00:36.0391 3624 audstub - ok
08:00:36.0441 3624 [ C8065C997A6129C641DF098168D5A390 ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys
08:00:36.0531 3624 b57w2k - ok
08:00:36.0571 3624 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
08:00:36.0751 3624 Beep - ok
08:00:36.0802 3624 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
08:00:37.0012 3624 BITS - ok
08:00:37.0072 3624 [ 249276D3EF1E74B992299CB96099E4D7 ] Browser C:\WINDOWS\System32\browser.dll
08:00:37.0302 3624 Browser - ok
08:00:37.0322 3624 [ 377A0B30EDAEF799D43A9676748E118E ] BtAudio C:\WINDOWS\system32\DRIVERS\btaudio.sys
08:00:37.0342 3624 BtAudio ( UnsignedFile.Multi.Generic ) - warning
08:00:37.0342 3624 BtAudio - detected UnsignedFile.Multi.Generic (1)
08:00:37.0362 3624 [ ED6B3D61578B996C55F32ACE07618BBB ] BTDriver C:\WINDOWS\system32\DRIVERS\btport.sys
08:00:37.0382 3624 BTDriver ( UnsignedFile.Multi.Generic ) - warning
08:00:37.0382 3624 BTDriver - detected UnsignedFile.Multi.Generic (1)
08:00:37.0482 3624 [ 58A9FCBB9D3307C27BAE4F39009FFB87 ] BTKRNL C:\WINDOWS\system32\drivers\btkrnl.sys
08:00:37.0593 3624 BTKRNL ( UnsignedFile.Multi.Generic ) - warning
08:00:37.0593 3624 BTKRNL - detected UnsignedFile.Multi.Generic (1)
08:00:37.0683 3624 [ CBF5A79F3D2177E80CA79C2BC20119DB ] BTSERIAL C:\WINDOWS\System32\drivers\btserial.sys
08:00:37.0703 3624 BTSERIAL ( UnsignedFile.Multi.Generic ) - warning
08:00:37.0703 3624 BTSERIAL - detected UnsignedFile.Multi.Generic (1)
08:00:37.0743 3624 [ 26FA6F56CE3152505D8A44CDEABE002F ] BTSLBCSP C:\WINDOWS\System32\drivers\btslbcsp.sys
08:00:37.0793 3624 BTSLBCSP ( UnsignedFile.Multi.Generic ) - warning
08:00:37.0793 3624 BTSLBCSP - detected UnsignedFile.Multi.Generic (1)
08:00:37.0873 3624 [ 09EAE9824FBBB881E7B4D9F5CAFD24F0 ] btwdins c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
08:00:37.0903 3624 btwdins ( UnsignedFile.Multi.Generic ) - warning
08:00:37.0903 3624 btwdins - detected UnsignedFile.Multi.Generic (1)
08:00:37.0953 3624 [ 899B4C1EFBD86B71076CCBC15FC7EDDC ] BTWDNDIS C:\WINDOWS\system32\DRIVERS\btwdndis.sys
08:00:37.0973 3624 BTWDNDIS ( UnsignedFile.Multi.Generic ) - warning
08:00:37.0973 3624 BTWDNDIS - detected UnsignedFile.Multi.Generic (1)
08:00:38.0023 3624 [ 6109FF90BF6A2A8756759A805C8816EC ] BTWUSB C:\WINDOWS\system32\Drivers\btwusb.sys
08:00:38.0033 3624 BTWUSB ( UnsignedFile.Multi.Generic ) - warning
08:00:38.0053 3624 BTWUSB - detected UnsignedFile.Multi.Generic (1)
08:00:38.0083 3624 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
08:00:38.0294 3624 cbidf2k - ok
08:00:38.0334 3624 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
08:00:38.0524 3624 CCDECODE - ok
08:00:38.0574 3624 cd20xrnt - ok
08:00:38.0594 3624 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
08:00:38.0814 3624 Cdaudio - ok
08:00:38.0844 3624 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
08:00:39.0045 3624 Cdfs - ok
08:00:39.0075 3624 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
08:00:39.0265 3624 Cdrom - ok
08:00:39.0285 3624 Changer - ok
08:00:39.0395 3624 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
08:00:39.0586 3624 CiSvc - ok
08:00:39.0626 3624 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
08:00:39.0786 3624 ClipSrv - ok
08:00:39.0936 3624 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:00:39.0956 3624 clr_optimization_v4.0.30319_32 - ok
08:00:39.0976 3624 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
08:00:40.0146 3624 CmBatt - ok
08:00:40.0166 3624 CmdIde - ok
08:00:40.0196 3624 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
08:00:40.0347 3624 Compbatt - ok
08:00:40.0377 3624 COMSysApp - ok
08:00:40.0417 3624 [ 3959EA244E5519F2FB12DAE6D30DEB34 ] CONAN C:\WINDOWS\system32\drivers\o2mmb.sys
08:00:40.0467 3624 CONAN - ok
08:00:40.0507 3624 Cpqarray - ok
08:00:40.0577 3624 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
08:00:40.0737 3624 CryptSvc - ok
08:00:40.0757 3624 dac2w2k - ok
08:00:40.0777 3624 dac960nt - ok
08:00:40.0827 3624 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
08:00:40.0947 3624 DcomLaunch - ok
08:00:40.0988 3624 [ 6216FD7FD227DE454238A702B218CEC7 ] dgderdrv C:\WINDOWS\system32\drivers\dgderdrv.sys
08:00:42.0400 3624 dgderdrv - ok
08:00:42.0460 3624 [ 6CC6C4B9D7B906A151AA094CA087B9F0 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
08:00:42.0490 3624 dg_ssudbus - ok
08:00:42.0560 3624 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
08:00:42.0910 3624 Dhcp - ok
08:00:42.0930 3624 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
08:00:43.0121 3624 Disk - ok
08:00:43.0151 3624 [ 96A48BDA68BF734AAE79F910AB884A34 ] DKbFltr C:\WINDOWS\system32\Drivers\DKbFltr.sys
08:00:43.0181 3624 DKbFltr ( UnsignedFile.Multi.Generic ) - warning
08:00:43.0181 3624 DKbFltr - detected UnsignedFile.Multi.Generic (1)
08:00:43.0211 3624 dmadmin - ok
08:00:43.0271 3624 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
08:00:43.0471 3624 dmboot - ok
08:00:43.0511 3624 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
08:00:43.0701 3624 dmio - ok
08:00:43.0711 3624 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
08:00:43.0912 3624 dmload - ok
08:00:43.0972 3624 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
08:00:44.0142 3624 dmserver - ok
08:00:44.0162 3624 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
08:00:44.0322 3624 DMusic - ok
08:00:44.0372 3624 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
08:00:44.0483 3624 Dnscache - ok
08:00:44.0533 3624 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
08:00:44.0733 3624 Dot3svc - ok
08:00:44.0783 3624 dpti2o - ok
08:00:44.0813 3624 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
08:00:44.0983 3624 drmkaud - ok
08:00:45.0043 3624 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
08:00:45.0204 3624 EapHost - ok
08:00:45.0254 3624 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
08:00:45.0404 3624 ERSvc - ok
08:00:45.0444 3624 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
08:00:45.0514 3624 Eventlog - ok
08:00:45.0564 3624 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\System32\es.dll
08:00:45.0634 3624 EventSystem - ok
08:00:45.0654 3624 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
08:00:45.0824 3624 Fastfat - ok
08:00:45.0855 3624 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
08:00:45.0905 3624 FastUserSwitchingCompatibility - ok
08:00:45.0975 3624 [ 2CD14C70D1D81AF054AA5ED8024DCAE6 ] Fax C:\WINDOWS\system32\fxssvc.exe
08:00:46.0175 3624 Fax - ok
08:00:46.0215 3624 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
08:00:46.0365 3624 Fdc - ok
08:00:46.0405 3624 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
08:00:46.0566 3624 Fips - ok
08:00:46.0596 3624 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
08:00:46.0746 3624 Flpydisk - ok
08:00:46.0776 3624 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
08:00:46.0966 3624 FltMgr - ok
08:00:46.0986 3624 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
08:00:47.0166 3624 Fs_Rec - ok
08:00:47.0206 3624 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
08:00:47.0397 3624 Ftdisk - ok
08:00:47.0417 3624 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
08:00:47.0577 3624 Gpc - ok
08:00:47.0627 3624 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
08:00:47.0787 3624 helpsvc - ok
08:00:47.0817 3624 [ 00E25EE90166B3E1BE6E74AEBF858306 ] HidServ C:\WINDOWS\System32\hidserv.dll
08:00:47.0978 3624 HidServ - ok
08:00:48.0008 3624 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
08:00:48.0168 3624 HidUsb - ok
08:00:48.0198 3624 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
08:00:48.0358 3624 hkmsvc - ok
08:00:48.0378 3624 hpn - ok
08:00:48.0428 3624 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
08:00:48.0488 3624 HTTP - ok
08:00:48.0568 3624 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
08:00:48.0729 3624 HTTPFilter - ok
08:00:48.0739 3624 i2omgmt - ok
08:00:48.0759 3624 i2omp - ok
08:00:48.0789 3624 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
08:00:48.0969 3624 i8042prt - ok
08:00:48.0999 3624 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
08:00:49.0219 3624 Imapi - ok
08:00:49.0259 3624 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\System32\imapi.exe
08:00:49.0430 3624 ImapiService - ok
08:00:49.0450 3624 ini910u - ok
08:00:49.0490 3624 [ 57D928E548B38502ABBA7A77A6EB7312 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
08:00:49.0660 3624 IntelIde - ok
08:00:49.0680 3624 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
08:00:49.0850 3624 intelppm - ok
08:00:49.0880 3624 [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys
08:00:50.0051 3624 ip6fw - ok
08:00:50.0101 3624 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
08:00:50.0281 3624 IpFilterDriver - ok
08:00:50.0311 3624 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
08:00:50.0471 3624 IpInIp - ok
08:00:50.0501 3624 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
08:00:50.0671 3624 IpNat - ok
08:00:50.0701 3624 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
08:00:50.0842 3624 IPSec - ok
08:00:50.0892 3624 [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda C:\WINDOWS\system32\DRIVERS\irda.sys
08:00:51.0062 3624 irda - ok
08:00:51.0092 3624 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
08:00:51.0262 3624 IRENUM - ok
08:00:51.0312 3624 [ 8024EA8C5B2D2A4D201F418B0AADB804 ] Irmon C:\WINDOWS\System32\irmon.dll
08:00:51.0463 3624 Irmon - ok
08:00:51.0493 3624 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
08:00:51.0653 3624 isapnp - ok
08:00:51.0673 3624 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
08:00:51.0833 3624 Kbdclass - ok
08:00:51.0873 3624 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
08:00:52.0053 3624 kmixer - ok
08:00:52.0093 3624 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
08:00:52.0124 3624 KSecDD - ok
08:00:52.0154 3624 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
08:00:52.0214 3624 lanmanserver - ok
08:00:52.0254 3624 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
08:00:52.0324 3624 lanmanworkstation - ok
08:00:52.0334 3624 lbrtfdc - ok
08:00:52.0374 3624 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
08:00:52.0564 3624 LmHosts - ok
08:00:52.0594 3624 [ 27FF21E081AD85D8B29811F66DD002E5 ] MbxStby C:\WINDOWS\system32\drivers\MbxStby.sys
08:00:52.0634 3624 MbxStby - ok
08:00:52.0674 3624 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
08:00:52.0865 3624 Messenger - ok
08:00:52.0885 3624 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
08:00:53.0085 3624 mnmdd - ok
08:00:53.0115 3624 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
08:00:53.0305 3624 mnmsrvc - ok
08:00:53.0335 3624 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
08:00:53.0516 3624 Modem - ok
08:00:53.0556 3624 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
08:00:53.0726 3624 Mouclass - ok
08:00:53.0766 3624 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
08:00:53.0966 3624 mouhid - ok
08:00:53.0986 3624 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
08:00:54.0136 3624 MountMgr - ok
08:00:54.0227 3624 [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
08:00:54.0257 3624 MozillaMaintenance - ok
08:00:54.0267 3624 mraid35x - ok
08:00:54.0317 3624 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
08:00:54.0467 3624 MRxDAV - ok
08:00:54.0527 3624 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
08:00:54.0607 3624 MRxSmb - ok
08:00:54.0657 3624 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\System32\msdtc.exe
08:00:54.0847 3624 MSDTC - ok
08:00:54.0857 3624 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
08:00:55.0038 3624 Msfs - ok
08:00:55.0108 3624 MSIServer - ok
08:00:55.0148 3624 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
08:00:55.0318 3624 MSKSSRV - ok
08:00:55.0338 3624 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
08:00:55.0498 3624 MSPCLOCK - ok
08:00:55.0508 3624 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
08:00:55.0659 3624 MSPQM - ok
08:00:55.0679 3624 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
08:00:55.0829 3624 mssmbios - ok
08:00:55.0899 3624 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
08:00:56.0039 3624 MSTEE - ok
08:00:56.0069 3624 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
08:00:56.0099 3624 Mup - ok
08:00:56.0129 3624 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
08:00:56.0270 3624 NABTSFEC - ok
08:00:56.0340 3624 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
08:00:56.0550 3624 napagent - ok
08:00:56.0590 3624 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
08:00:56.0750 3624 NDIS - ok
08:00:56.0770 3624 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
08:00:56.0920 3624 NdisIP - ok
08:00:56.0950 3624 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
08:00:57.0001 3624 NdisTapi - ok
08:00:57.0031 3624 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
08:00:57.0181 3624 Ndisuio - ok
08:00:57.0201 3624 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
08:00:57.0351 3624 NdisWan - ok
08:00:57.0391 3624 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
08:00:57.0441 3624 NDProxy - ok
08:00:57.0471 3624 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
08:00:57.0641 3624 NetBIOS - ok
08:00:57.0682 3624 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
08:00:57.0842 3624 NetBT - ok
08:00:57.0912 3624 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
08:00:58.0092 3624 NetDDE - ok
08:00:58.0102 3624 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
08:00:58.0272 3624 NetDDEdsdm - ok
08:00:58.0322 3624 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\System32\lsass.exe
08:00:58.0483 3624 Netlogon - ok
08:00:58.0543 3624 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
08:00:58.0713 3624 Netman - ok
08:00:58.0743 3624 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
08:00:58.0903 3624 NIC1394 - ok
08:00:58.0963 3624 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
08:00:59.0033 3624 Nla - ok
08:00:59.0054 3624 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
08:00:59.0224 3624 Npfs - ok
08:00:59.0244 3624 [ 2ADC0CA9945C65284B3D19BC18765974 ] NSCIRDA C:\WINDOWS\system32\DRIVERS\nscirda.sys
08:00:59.0414 3624 NSCIRDA - ok
08:00:59.0454 3624 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
08:00:59.0654 3624 Ntfs - ok
08:00:59.0674 3624 [ 15A72D5B8F0B6A718207F14BD5EBB8FF ] NTIDrvr C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
08:00:59.0684 3624 NTIDrvr ( UnsignedFile.Multi.Generic ) - warning
08:00:59.0684 3624 NTIDrvr - detected UnsignedFile.Multi.Generic (1)
08:00:59.0704 3624 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
08:00:59.0845 3624 NtLmSsp - ok
08:00:59.0935 3624 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
08:01:00.0135 3624 NtmsSvc - ok
08:01:00.0155 3624 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
08:01:00.0315 3624 Null - ok
08:01:00.0355 3624 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
08:01:00.0536 3624 NwlnkFlt - ok
08:01:00.0566 3624 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
08:01:00.0746 3624 NwlnkFwd - ok
08:01:00.0786 3624 [ C7D0C730D658089C3C500C7280D4001A ] O2SCBUS C:\WINDOWS\system32\DRIVERS\ozscr.sys
08:01:00.0826 3624 O2SCBUS - ok
08:01:00.0936 3624 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:01:00.0986 3624 odserv - ok
08:01:01.0026 3624 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
08:01:01.0187 3624 ohci1394 - ok
08:01:01.0237 3624 [ E4F65686A0327C4A25D606F926A8DBFD ] osadmi C:\WINDOWS\system32\drivers\osadmi.sys
08:01:01.0247 3624 osadmi ( UnsignedFile.Multi.Generic ) - warning
08:01:01.0247 3624 osadmi - detected UnsignedFile.Multi.Generic (1)
08:01:01.0287 3624 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:01:01.0307 3624 ose - ok
08:01:01.0337 3624 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
08:01:01.0517 3624 Parport - ok
08:01:01.0557 3624 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
08:01:01.0717 3624 PartMgr - ok
08:01:01.0757 3624 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
08:01:01.0958 3624 ParVdm - ok
08:01:01.0988 3624 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
08:01:02.0158 3624 PCI - ok
08:01:02.0208 3624 PCIDump - ok
08:01:02.0228 3624 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
08:01:02.0398 3624 PCIIde - ok
08:01:02.0418 3624 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
08:01:02.0579 3624 Pcmcia - ok
08:01:02.0599 3624 PDCOMP - ok
08:01:02.0619 3624 PDFRAME - ok
08:01:02.0629 3624 PDRELI - ok
08:01:02.0649 3624 PDRFRAME - ok
08:01:02.0669 3624 perc2 - ok
08:01:02.0689 3624 perc2hib - ok
08:01:02.0749 3624 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
08:01:02.0789 3624 PlugPlay - ok
08:01:02.0809 3624 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\System32\lsass.exe
08:01:02.0939 3624 PolicyAgent - ok
08:01:02.0969 3624 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
08:01:03.0119 3624 PptpMiniport - ok
08:01:03.0139 3624 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
08:01:03.0290 3624 Processor - ok
08:01:03.0310 3624 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
08:01:03.0450 3624 ProtectedStorage - ok
08:01:03.0480 3624 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
08:01:03.0630 3624 PSched - ok
08:01:03.0640 3624 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
08:01:03.0820 3624 Ptilink - ok
08:01:03.0850 3624 [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
08:01:03.0860 3624 PxHelp20 - ok
08:01:03.0880 3624 ql1080 - ok
08:01:03.0890 3624 Ql10wnt - ok
08:01:03.0910 3624 ql12160 - ok
08:01:03.0931 3624 ql1240 - ok
08:01:03.0951 3624 ql1280 - ok
08:01:03.0971 3624 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
08:01:04.0131 3624 RasAcd - ok
08:01:04.0171 3624 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
08:01:04.0351 3624 RasAuto - ok
08:01:04.0381 3624 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys
08:01:04.0461 3624 Rasirda - ok
08:01:04.0481 3624 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
08:01:04.0611 3624 Rasl2tp - ok
08:01:04.0682 3624 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
08:01:04.0862 3624 RasMan - ok
08:01:04.0902 3624 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
08:01:05.0062 3624 RasPppoe - ok
08:01:05.0082 3624 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
08:01:05.0262 3624 Raspti - ok
08:01:05.0302 3624 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
08:01:05.0473 3624 Rdbss - ok
08:01:05.0493 3624 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
08:01:05.0683 3624 RDPCDD - ok
08:01:05.0733 3624 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
08:01:05.0883 3624 rdpdr - ok
08:01:05.0933 3624 [ 5B3055DAA788BD688594D2F5981F2A83 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
08:01:05.0983 3624 RDPWD - ok
08:01:06.0034 3624 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
08:01:06.0194 3624 RDSessMgr - ok
08:01:06.0214 3624 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
08:01:06.0374 3624 redbook - ok
08:01:06.0484 3624 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
08:01:06.0654 3624 RemoteAccess - ok
08:01:06.0694 3624 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
08:01:06.0865 3624 RemoteRegistry - ok
08:01:06.0895 3624 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\System32\locator.exe
08:01:07.0075 3624 RpcLocator - ok
08:01:07.0135 3624 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
08:01:07.0215 3624 RpcSs - ok
08:01:07.0255 3624 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\System32\rsvp.exe
08:01:07.0466 3624 RSVP - ok
08:01:07.0496 3624 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
08:01:07.0656 3624 SamSs - ok
08:01:07.0706 3624 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
08:01:07.0866 3624 SCardSvr - ok
08:01:07.0916 3624 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
08:01:08.0086 3624 Schedule - ok
08:01:08.0127 3624 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
08:01:08.0267 3624 Secdrv - ok
08:01:08.0307 3624 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
08:01:08.0467 3624 seclogon - ok
08:01:08.0497 3624 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
08:01:08.0647 3624 SENS - ok
08:01:08.0677 3624 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
08:01:08.0828 3624 serenum - ok
08:01:08.0848 3624 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
08:01:09.0008 3624 Serial - ok
08:01:09.0098 3624 [ 7D3903AF48E6C1DC2704EAFCB608D031 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
08:01:09.0148 3624 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
08:01:09.0148 3624 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
08:01:09.0188 3624 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
08:01:09.0338 3624 Sfloppy - ok
08:01:09.0398 3624 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
08:01:09.0569 3624 SharedAccess - ok
08:01:09.0609 3624 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
08:01:09.0639 3624 ShellHWDetection - ok
08:01:09.0699 3624 Simbad - ok
08:01:09.0749 3624 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
08:01:09.0919 3624 SLIP - ok
08:01:09.0949 3624 Sparrow - ok
08:01:09.0989 3624 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
08:01:10.0169 3624 splitter - ok
08:01:10.0200 3624 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
08:01:10.0250 3624 Spooler - ok
08:01:10.0270 3624 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\System32\DRIVERS\sr.sys
08:01:10.0460 3624 sr - ok
08:01:10.0500 3624 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\System32\srsvc.dll
08:01:10.0700 3624 srservice - ok
08:01:10.0760 3624 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
08:01:10.0820 3624 Srv - ok
08:01:10.0891 3624 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
08:01:11.0071 3624 SSDPSRV - ok
08:01:11.0111 3624 [ 359FEE084F1173FFFFD7F9CCBD43D47F ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
08:01:11.0141 3624 ssudmdm - ok
08:01:11.0201 3624 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
08:01:11.0401 3624 stisvc - ok
08:01:11.0431 3624 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
08:01:11.0592 3624 streamip - ok
08:01:11.0622 3624 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
08:01:11.0762 3624 swenum - ok
08:01:11.0782 3624 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
08:01:11.0932 3624 swmidi - ok
08:01:12.0002 3624 SwPrv - ok
08:01:12.0032 3624 symc810 - ok
08:01:12.0052 3624 symc8xx - ok
08:01:12.0072 3624 sym_hi - ok
08:01:12.0092 3624 sym_u3 - ok
08:01:12.0142 3624 [ 1D9568710306B28959BE21C25CAB004E ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
08:01:12.0202 3624 SynTP - ok
08:01:12.0232 3624 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
08:01:12.0403 3624 sysaudio - ok
08:01:12.0463 3624 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
08:01:12.0633 3624 SysmonLog - ok
08:01:12.0683 3624 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
08:01:12.0863 3624 TapiSrv - ok
08:01:12.0913 3624 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
08:01:12.0984 3624 Tcpip - ok
08:01:13.0014 3624 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
08:01:13.0204 3624 TDPIPE - ok
08:01:13.0224 3624 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
08:01:13.0414 3624 TDTCP - ok
08:01:13.0434 3624 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
08:01:13.0624 3624 TermDD - ok
08:01:13.0725 3624 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
08:01:13.0925 3624 TermService - ok
08:01:13.0965 3624 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
08:01:13.0975 3624 Themes - ok
08:01:14.0035 3624 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\System32\tlntsvr.exe
08:01:14.0225 3624 TlntSvr - ok
08:01:14.0245 3624 TosIde - ok
08:01:14.0285 3624 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
08:01:14.0436 3624 TrkWks - ok
08:01:14.0496 3624 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
08:01:14.0646 3624 Udfs - ok
08:01:14.0656 3624 ultra - ok
08:01:14.0706 3624 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
08:01:14.0866 3624 Update - ok
08:01:14.0936 3624 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
08:01:15.0087 3624 upnphost - ok
08:01:15.0127 3624 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
08:01:15.0287 3624 UPS - ok
08:01:15.0317 3624 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
08:01:15.0477 3624 usbehci - ok
08:01:15.0507 3624 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
08:01:15.0677 3624 usbhub - ok
08:01:15.0737 3624 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
08:01:15.0888 3624 usbscan - ok
08:01:15.0928 3624 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
08:01:16.0078 3624 USBSTOR - ok
08:01:16.0108 3624 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
08:01:16.0278 3624 usbuhci - ok
08:01:16.0318 3624 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
08:01:16.0459 3624 VgaSave - ok
08:01:16.0479 3624 ViaIde - ok
08:01:16.0509 3624 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
08:01:16.0669 3624 VolSnap - ok
08:01:16.0729 3624 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
08:01:16.0899 3624 VSS - ok
08:01:16.0999 3624 [ B6CB2CCE557CE57C72C3D31E701E6E39 ] w22n51 C:\WINDOWS\system32\DRIVERS\w22n51.sys
08:01:17.0190 3624 w22n51 - ok
08:01:17.0250 3624 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\System32\w32time.dll
08:01:17.0420 3624 W32Time - ok
08:01:17.0460 3624 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
08:01:17.0640 3624 Wanarp - ok
08:01:17.0710 3624 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
08:01:17.0760 3624 Wdf01000 - ok
08:01:17.0810 3624 WDICA - ok
08:01:17.0841 3624 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
08:01:18.0051 3624 wdmaud - ok
08:01:18.0111 3624 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
08:01:18.0301 3624 WebClient - ok
08:01:18.0391 3624 [ F45DD1E1365D857DD08BC23563370D0E ] WinDefend C:\Program Files\Windows Defender\MsMpEng.exe
08:01:18.0401 3624 WinDefend - ok
08:01:18.0451 3624 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
08:01:18.0672 3624 winmgmt - ok
08:01:18.0792 3624 [ 051B1BDECD6DEE18C771B5D5EC7F044D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
08:01:18.0862 3624 WmdmPmSN - ok
08:01:18.0922 3624 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
08:01:19.0062 3624 Wmi - ok
08:01:19.0122 3624 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
08:01:19.0323 3624 WmiApSrv - ok
08:01:19.0423 3624 [ 0DCC3A79329F0FDE9B1B5283CACD3F50 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
08:01:19.0533 3624 WMPNetworkSvc - ok
08:01:19.0593 3624 [ C60DC16D4E406810FAD54B98DC92D5EC ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
08:01:19.0633 3624 WpdUsb - ok
08:01:19.0813 3624 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
08:01:19.0914 3624 WPFFontCache_v0400 - ok
08:01:20.0084 3624 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
08:01:20.0354 3624 wscsvc - ok
08:01:20.0404 3624 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
08:01:20.0554 3624 WSTCODEC - ok
08:01:20.0604 3624 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
08:01:20.0755 3624 wuauserv - ok
08:01:20.0795 3624 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
08:01:20.0835 3624 WudfPf - ok
08:01:20.0875 3624 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
08:01:20.0915 3624 WudfRd - ok
08:01:20.0965 3624 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
08:01:20.0995 3624 WudfSvc - ok
08:01:21.0065 3624 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
08:01:21.0295 3624 WZCSVC - ok
08:01:21.0366 3624 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
08:01:21.0556 3624 xmlprov - ok
08:01:21.0586 3624 ================ Scan global ===============================
08:01:21.0686 3624 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
08:01:21.0746 3624 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
08:01:21.0816 3624 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
08:01:21.0866 3624 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
08:01:21.0866 3624 [Global] - ok
08:01:21.0866 3624 ================ Scan MBR ==================================
08:01:21.0896 3624 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
08:01:22.0147 3624 \Device\Harddisk0\DR0 - ok
08:01:22.0147 3624 ================ Scan VBR ==================================
08:01:22.0157 3624 [ 728B14965E0F1E88F1C355671469218D ] \Device\Harddisk0\DR0\Partition1
08:01:22.0157 3624 \Device\Harddisk0\DR0\Partition1 - ok
08:01:22.0177 3624 [ 18D76E6E1398B612C432253891391A85 ] \Device\Harddisk0\DR0\Partition2
08:01:22.0177 3624 \Device\Harddisk0\DR0\Partition2 - ok
08:01:22.0187 3624 ============================================================
08:01:22.0187 3624 Scan finished
08:01:22.0187 3624 ============================================================
08:01:22.0327 3600 Detected object count: 13
08:01:22.0327 3600 Actual detected object count: 13
08:01:51.0779 3600 acernbm ( UnsignedFile.Multi.Generic ) - skipped by user
08:01:51.0779 3600 acernbm ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:01:51.0779 3600 BtAudio ( UnsignedFile.Multi.Generic ) - skipped by user
08:01:51.0779 3600 BtAudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:01:51.0779 3600 BTDriver ( UnsignedFile.Multi.Generic ) - skipped by user
08:01:51.0779 3600 BTDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:01:51.0779 3600 BTKRNL ( UnsignedFile.Multi.Generic ) - skipped by user
08:01:51.0779 3600 BTKRNL ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:01:51.0779 3600 BTSERIAL ( UnsignedFile.Multi.Generic ) - skipped by user
08:01:51.0779 3600 BTSERIAL ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:01:51.0779 3600 BTSLBCSP ( UnsignedFile.Multi.Generic ) - skipped by user
08:01:51.0779 3600 BTSLBCSP ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:01:51.0789 3600 btwdins ( UnsignedFile.Multi.Generic ) - skipped by user
08:01:51.0789 3600 btwdins ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:01:51.0789 3600 BTWDNDIS ( UnsignedFile.Multi.Generic ) - skipped by user
08:01:51.0789 3600 BTWDNDIS ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:01:51.0789 3600 BTWUSB ( UnsignedFile.Multi.Generic ) - skipped by user
08:01:51.0789 3600 BTWUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:01:51.0789 3600 DKbFltr ( UnsignedFile.Multi.Generic ) - skipped by user
08:01:51.0789 3600 DKbFltr ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:01:51.0799 3600 NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user
08:01:51.0799 3600 NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:01:51.0799 3600 osadmi ( UnsignedFile.Multi.Generic ) - skipped by user
08:01:51.0799 3600 osadmi ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:01:51.0799 3600 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
08:01:51.0809 3600 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip

[Márty84]

Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte ComboFix.
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni programu bude hlasena chyba, staci restartovat pc a bude to v poradku

[red]

Muselo dojít k nějakému omylu, combo fix jsem vůbec nepoužíval, ani jsem jej neměl stažený v pc. Jediné, co jsem použil, byl ccleaner, ale ten jsem použil těsně před tím, než jsem udělal první log, který jsem posléze dal na toto fórum. Jinak vůbec nic.

ComboFix 13-02-07.02 - Red 10.02.2013 9:05.1.1 - FAT32x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.510.137 [GMT 1:00]
Spuštěný z: c:\documents and settings\Red\Dokumenty\Sta×enÚ soubory\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\System32\MASetupCleaner.exe
c:\windows\system32\System32\muzapp.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-10 do 2013-02-10 )))))))))))))))))))))))))))))))
.
.
2013-02-09 16:02 . 2013-02-09 16:02 -------- d-----w- C:\_OTM
2013-02-09 14:47 . 2013-02-09 14:47 -------- d-----w- c:\windows\snack
2013-02-09 12:05 . 2013-02-09 12:05 -------- d-----w- c:\documents and settings\Red\Data aplikací\Malwarebytes
2013-02-09 12:05 . 2013-02-09 12:05 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-02-09 10:26 . 2013-02-09 10:26 -------- d-----w- c:\program files\trend micro
2013-02-09 10:26 . 2013-02-09 10:26 -------- d-----w- C:\rsit
2013-02-09 10:14 . 2013-02-09 10:14 -------- d--h--w- c:\windows\system32\GroupPolicy
2013-01-27 01:10 . 2013-01-27 01:10 -------- d-----w- C:\2036b1fe65dd704c77
2013-01-16 12:53 . 2013-01-16 12:53 -------- d-----w- C:\FOUND.007
2013-01-13 01:14 . 2013-01-13 01:14 -------- d-----w- C:\3080e8d1ce6b6b4c13
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-09 17:13 . 2013-02-09 14:47 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys.dump
2013-02-09 17:13 . 2013-02-09 14:47 5888 ----a-w- c:\windows\system32\drivers\rootmdm.sys.dump
2013-02-09 17:13 . 2013-02-09 14:47 37608 ----a-w- c:\windows\system32\drivers\wdfldr.sys.dump
2013-01-17 00:28 . 2011-04-09 23:01 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-15 15:56 . 2012-06-19 16:13 477616 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-01-15 15:56 . 2011-05-06 09:12 473520 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-15 14:14 . 2012-06-19 16:13 73728 ----a-w- c:\windows\system32\javacpl.cpl
2013-02-06 18:31 . 2013-02-06 18:29 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-10-11 309688]
"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-11-09 843208]
"KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2012-10-11 966072]
"KiesAirMessage"="c:\program files\Samsung\Kies\KiesAirMessage.exe" [2012-10-09 580096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"ATIModeChange"="Ati2mdxx.exe" [2001-09-04 28672]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-01-27 335872]
"SoundMan"="SOUNDMAN.EXE" [2003-12-19 65024]
"AGRSMMSG"="AGRSMMSG.exe" [2003-09-23 88363]
"LtMoh"="c:\program files\ltmoh\Ltmoh.exe" [2003-04-28 184320]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2003-04-18 110592]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2003-04-18 610304]
"LManager"="c:\program files\Launch Manager\QtZgAcer.EXE" [2004-02-27 294912]
"AcerNotebookManager"="c:\program files\Acer\Notebook Manager\almxptray.exe" [2003-12-11 509952]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\System32\\muzapp.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\ICQ7.6\\ICQ.exe"=
.
R2 acernbm;acernbm;c:\windows\system32\drivers\acernbm.sys [22.3.2004 11:40 6501]
R2 osadmi;osadmi;c:\windows\system32\drivers\osadmi.sys [22.3.2004 11:40 6714]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
R3 CONAN;CONAN;c:\windows\system32\drivers\o2mmb.sys [22.3.2004 11:25 190804]
R3 MbxStby;MbxStby;c:\windows\system32\drivers\MbxStby.sys [22.3.2004 11:25 5817]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [10.10.2012 17:45 83168]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [5.8.2011 23:58 20032]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [10.10.2012 17:45 181344]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 68164584
*Deregistered* - 68164584
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-10 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = hxxp://global.acer.com/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\Red\Data aplikací\Mozilla\Firefox\Profiles\v12qq6x4.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - ExtSQL: 2013-02-08 00:01; {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}; c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
AddRemove-26_VIA_driver2 - c:\program files\Samsung\USB Drivers\26_VIA_driver2\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-10 09:12
Windows 5.1.2600 Service Pack 3 FAT NTAPI
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2013-02-10 09:14:31
ComboFix-quarantined-files.txt 2013-02-10 08:14
.
Před spuštěním: 5 344 018 432
Po spuštění: 6 669 058 048
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 150C1287FB64FB13B1AFD4FC705434C5

[Márty84]

Muselo dojít k nějakému omylu, combo fix jsem vůbec nepoužíval, ani jsem jej neměl stažený v pc. Jediné, co jsem použil, byl ccleaner, ale ten jsem použil těsně před tím, než jsem udělal první log, který jsem posléze dal na toto fórum. Jinak vůbec nic.

K zadnemu omylu nedoslo To varovani tam davam vzdy, aby to nejaky navstevnik, co forum procita, nespoustel na vlastni pest.



Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Znovu vycistete Ccleanerem, vcetne registru.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak dejte novy log z RSIT a napiste, jak to s pc vypada

[red]

Tak po celodenní defragmentaci to je hotové. Noťas reaguje podstatně lépe než tomu bylo na začátku. Moc díky

Logfile of random's system information tool 1.09 (written by random/random)
Run by Red at 2013-02-11 09:47:33
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 7 GB (21%) free of 30 GB
Total RAM: 510 MB (12% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:47:39, on 11.2.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Acer\Notebook Manager\almxptray.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Red\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Red.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [AcerNotebookManager] C:\Program Files\Acer\Notebook Manager\almxptray.exe
O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 6144 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\MP Scheduled Scan.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Red\Data aplikací\Mozilla\Firefox\Profiles\v12qq6x4.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "seznam.cz"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51, bkmrksync@nokia.com:1.0.0.732, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, jqs@sun.com:1.0, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, en-GB@dictionaries.addons.mozilla.org:1.19.1, cs@dictionaries.addons.mozilla.org:1.0.2, de-DE@dictionaries.addons.mozilla.org:2.0.2, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.9"

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.257 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_39]
"Description"=
"Path"=C:\WINDOWS\system32\npdeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
wikipedia-cz.xml
slunecnice-cz.xml
seznam-cz.xml
jyxo-cz.xml
heureka-cz.xml
google.xml

C:\Documents and Settings\Red\Data aplikací\Mozilla\Firefox\Profiles\v12qq6x4.default\extensions\
en-GB@dictionaries.addons.mozilla.org
de-DE@dictionaries.addons.mozilla.org
cs@dictionaries.addons.mozilla.org

C:\Documents and Settings\Red\Data aplikací\Mozilla\Firefox\Profiles\v12qq6x4.default\searchplugins\
googlede.xml
googlecom-in-english.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2013-01-15 330160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-01-15 59824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2013-01-15 80304]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"=Alaunch []
"ATIModeChange"=C:\WINDOWS\system32\Ati2mdxx.exe [2001-09-04 28672]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-01-27 335872]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2003-12-19 65024]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2003-09-23 88363]
"LtMoh"=C:\Program Files\ltmoh\Ltmoh.exe [2003-04-28 184320]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2003-04-18 110592]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2003-04-18 610304]
"LManager"=C:\Program Files\Launch Manager\QtZgAcer.EXE [2004-02-27 294912]
"AcerNotebookManager"=C:\Program Files\Acer\Notebook Manager\almxptray.exe [2003-12-11 509952]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2012-10-11 309688]
"KiesPDLR"=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-11-09 843208]
"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2012-10-11 966072]
"KiesAirMessage"=C:\Program Files\Samsung\Kies\KiesAirMessage.exe [2012-10-09 580096]
""=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-11-09 843208]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WINDOW~4\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\System32\muzapp.exe"="C:\WINDOWS\System32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\ICQ7.6\ICQ.exe"="C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.6\ICQ.exe"="C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"msacm.iac2"=C:\WINDOWS\System32\iac25_32.ax
"vidc.iv41"=ir41_32.ax
"vidc.iv50"=ir50_32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-02-11 09:47:33 ----D---- C:\rsit
2013-02-10 10:21:54 ----D---- C:\Program Files\Defraggler
2013-02-10 09:59:56 ----SHD---- C:\Recycled
2013-02-10 09:55:35 ----SD---- C:\Uninstall
2013-02-10 09:14:34 ----D---- C:\WINDOWS\temp
2013-02-10 09:01:02 ----A---- C:\Boot.bak
2013-02-10 09:00:59 ----RASHD---- C:\cmdcons
2013-02-09 15:47:32 ----D---- C:\WINDOWS\snack
2013-02-09 13:05:16 ----D---- C:\Documents and Settings\Red\Data aplikací\Malwarebytes
2013-02-09 13:05:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-02-09 11:26:40 ----D---- C:\Program Files\trend micro
2013-02-09 11:17:00 ----D---- C:\Config.Msi
2013-02-09 11:14:35 ----HD---- C:\WINDOWS\system32\GroupPolicy
2013-02-08 00:01:44 ----A---- C:\WINDOWS\system32\javaws.exe
2013-02-08 00:01:43 ----A---- C:\WINDOWS\system32\javaw.exe
2013-02-08 00:01:43 ----A---- C:\WINDOWS\system32\java.exe
2013-02-06 19:29:39 ----D---- C:\Program Files\Mozilla Firefox
2013-01-27 02:10:34 ----D---- C:\2036b1fe65dd704c77
2013-01-16 13:53:10 ----D---- C:\FOUND.007
2013-01-13 02:14:18 ----D---- C:\3080e8d1ce6b6b4c13

======List of files/folders modified in the last 1 month======

2013-02-11 09:12:02 ----A---- C:\WINDOWS\ModemLog_Agere Systems AC'97 Modem.txt
2013-02-11 09:10:48 ----N---- C:\WINDOWS\SchedLgU.Txt
2013-02-10 09:12:44 ----A---- C:\WINDOWS\system.ini
2013-02-10 09:01:04 ----RASH---- C:\boot.ini
2013-01-17 01:28:58 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2013-01-15 16:56:10 ----A---- C:\WINDOWS\system32\npdeployJava1.dll
2013-01-15 16:56:08 ----A---- C:\WINDOWS\system32\deployJava1.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\System32\DRIVERS\agp440.sys [2008-04-13 42368]
R0 BTKRNL;Bluetooth Protocol Stack; C:\WINDOWS\System32\drivers\btkrnl.sys [2003-07-29 1257418]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-04-16 12032]
R2 acernbm;acernbm; C:\WINDOWS\system32\drivers\acernbm.sys [2004-01-06 6501]
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\System32\drivers\btserial.sys []
R2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\System32\drivers\btslbcsp.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\System32\DRIVERS\irda.sys [2008-04-13 88192]
R2 osadmi;osadmi; C:\WINDOWS\system32\drivers\osadmi.sys [2003-12-10 6714]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\System32\DRIVERS\AGRSM.sys [2003-09-23 1197740]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-12-11 391424]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-12-19 541548]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2004-01-27 669696]
R3 BtAudio;Bluetooth Audio; C:\WINDOWS\system32\DRIVERS\btaudio.sys [2003-07-01 21861]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2003-07-01 30235]
R3 CONAN;CONAN; C:\WINDOWS\system32\drivers\o2mmb.sys [2004-01-07 190804]
R3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2002-11-20 17983]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 MbxStby;MbxStby; C:\WINDOWS\system32\drivers\MbxStby.sys [2003-08-26 5817]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\System32\DRIVERS\nscirda.sys [2008-04-13 28672]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\System32\DRIVERS\NTIDrvr.sys [2004-03-22 6912]
R3 O2SCBUS;O2Micro SmartCardBus Reader; C:\WINDOWS\System32\DRIVERS\ozscr.sys [2003-10-08 91395]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\System32\DRIVERS\SynTP.sys [2003-04-18 270288]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w22n51;Intel(R) PRO/Wireless 2200 Adapter Driver; C:\WINDOWS\System32\DRIVERS\w22n51.sys [2004-03-08 1657344]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\System32\DRIVERS\b57xp32.sys [2003-10-16 113280]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2003-07-01 146812]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2003-07-01 51848]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2012-09-20 83168]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys [2011-07-26 20032]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2012-09-20 181344]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-01-30 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2004-01-27 397312]
R2 btwdins;Bluetooth Service; c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2003-07-29 135168]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-02-06 115608]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

[Márty84]

Log uz vypada cisty.

Pokud nepotrebujete, aby to bezelo hned pri startu pc, fixnete jeste tyto radky

O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')


A vic uz z toho nevymacknem. Mate malou RAMku a ten disk tomu taky nepomaha


Rozhodne by to ale chtelo antivir, jinak jste tu za chvili znova Po nainstalovani antiviru vypnete Windows Defender.


No a pokud tedy neni nejaky problem, mame hotovo

[red]

Super, díky moc. Zmíněné jsem fixnul, hlavně ten kies mě pěkně štval. Antivir tam zase nějaký dám. A propos můžete mi nějaký doporučit, co by s ohledem na mého staříka, ho moc nezatěžoval?

[Márty84]

Zkuste treba Aviru. Pri instalaci pozorne ctete. Bude se tam asi chtit vetrit ask toolbar. Toho do pc nepoustejte!!! Je to brzda.

Mate jeste nejaky dotaz, nebo to muzeme uzavrit?

[red]

Za mě to je všechno. Velké díky