Overloaded PC

papperwing
Visitor
Posts: 139
Registered: 13 Mar 2013 20:34

Re: Overloaded PC

#46 Post by papperwing »

And should I now continue as if I had removed them, or should I run it again?

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Overloaded PC

#47 Post by Márty84 »

Well, it would be better to delete it. Try just a quick scan. It should find that registry entry. The files can be deleted manually or with a script.
If you have a question that is not meant for the public, you can e-mail me at marty84[at]forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait a long time for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

papperwing
Visitor
Posts: 139
Registered: 13 Mar 2013 20:34

Re: Overloaded PC

#48 Post by papperwing »

After running the quick scan nothing was found there, so should I continue now?

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Overloaded PC

#49 Post by Márty84 »

It apparently managed to delete it before it froze. So uninstall it and continue with the next steps.

papperwing
Visitor
Posts: 139
Registered: 13 Mar 2013 20:34

Re: Overloaded PC

#50 Post by papperwing »

Here is the first log from tdssk:

19:02:53.0828 4064 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:03:03.0640 4064 ============================================================
19:03:03.0640 4064 Current date / time: 2014/04/27 19:03:03.0640
19:03:03.0640 4064 SystemInfo:
19:03:03.0640 4064
19:03:03.0640 4064 OS Version: 5.1.2600 ServicePack: 3.0
19:03:03.0640 4064 Product type: Workstation
19:03:03.0640 4064 ComputerName: TEST-45256F6D53
19:03:03.0640 4064 UserName: TEST1
19:03:03.0640 4064 Windows directory: C:\WINDOWS
19:03:03.0640 4064 System windows directory: C:\WINDOWS
19:03:03.0640 4064 Processor architecture: Intel x86
19:03:03.0640 4064 Number of processors: 2
19:03:03.0640 4064 Page size: 0x1000
19:03:03.0640 4064 Boot type: Normal boot
19:03:03.0640 4064 ============================================================
19:03:04.0843 4064 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:03:04.0843 4064 ============================================================
19:03:04.0843 4064 \Device\Harddisk0\DR0:
19:03:04.0843 4064 MBR partitions:
19:03:04.0843 4064 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A385FF1
19:03:04.0843 4064 ============================================================
19:03:04.0875 4064 C: <-> \Device\Harddisk0\DR0\Partition1
19:03:04.0890 4064 ============================================================
19:03:04.0890 4064 Initialize success
19:03:04.0890 4064 ============================================================
19:03:27.0578 2392 ============================================================
19:03:27.0578 2392 Scan started
19:03:27.0578 2392 Mode: Manual; SigCheck; TDLFS;
19:03:27.0578 2392 ============================================================
19:03:28.0406 2392 ================ Scan system memory ========================
19:03:28.0406 2392 System memory - ok
19:03:28.0406 2392 ================ Scan services =============================
19:03:28.0531 2392 [ 2CCFA74242741CA22A4267CCE9B586F4 ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
19:03:28.0718 2392 Aavmker4 - ok
19:03:28.0734 2392 Abiosdsk - ok
19:03:28.0734 2392 abp480n5 - ok
19:03:28.0750 2392 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:03:30.0406 2392 ACPI - ok
19:03:30.0437 2392 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
19:03:30.0546 2392 ACPIEC - ok
19:03:30.0562 2392 adpu160m - ok
19:03:30.0578 2392 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
19:03:30.0703 2392 aec - ok
19:03:30.0734 2392 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
19:03:30.0765 2392 AFD - ok
19:03:30.0765 2392 Aha154x - ok
19:03:30.0765 2392 aic78u2 - ok
19:03:30.0765 2392 aic78xx - ok
19:03:30.0812 2392 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
19:03:30.0906 2392 Alerter - ok
19:03:30.0906 2392 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
19:03:31.0015 2392 ALG - ok
19:03:31.0015 2392 AliIde - ok
19:03:31.0062 2392 [ AD8FA28D8ED0D0A689A0559085CE0F18 ] AmdLLD C:\WINDOWS\system32\DRIVERS\AmdLLD.sys
19:03:31.0109 2392 AmdLLD - ok
19:03:31.0109 2392 amsint - ok
19:03:31.0140 2392 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
19:03:31.0250 2392 AppMgmt - ok
19:03:31.0296 2392 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
19:03:31.0375 2392 Arp1394 - ok
19:03:31.0375 2392 asc - ok
19:03:31.0390 2392 asc3350p - ok
19:03:31.0390 2392 asc3550 - ok
19:03:31.0500 2392 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
19:03:31.0515 2392 aspnet_state - ok
19:03:31.0562 2392 [ B4079A98F294A3E262872CB76F4849F0 ] aswFsBlk C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys
19:03:31.0562 2392 aswFsBlk - ok
19:03:31.0593 2392 [ 4D6C6E0505A8E5A0656DCB223497D37C ] aswHwid C:\WINDOWS\system32\drivers\aswHwid.sys
19:03:31.0609 2392 aswHwid - ok
19:03:31.0609 2392 [ DBEE7B5ECB50FC2CF9323F52CBF41141 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
19:03:31.0640 2392 aswMon2 - ok
19:03:31.0656 2392 [ 8080D683489C99CBACE813F6FA4069CC ] aswRdr C:\WINDOWS\system32\drivers\aswRdr.sys
19:03:31.0671 2392 aswRdr - ok
19:03:31.0687 2392 [ 24B3BDA01DB3A704E33A5266C7B52DAF ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
19:03:31.0703 2392 aswRvrt - ok
19:03:31.0734 2392 [ A148A36F871BFDBF80654D28D6B59FAE ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
19:03:31.0765 2392 aswSnx - ok
19:03:31.0812 2392 [ 2E5A2AD5004B55DF39B7606130A88142 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
19:03:31.0828 2392 aswSP - ok
19:03:31.0828 2392 [ D4C83A37EFADFA2C398362E0776E3773 ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
19:03:31.0859 2392 aswTdi - ok
19:03:31.0937 2392 [ 5DEBC3519D489411073FA7E56FFB4A93 ] aswUpdSv C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
19:03:31.0937 2392 aswUpdSv - ok
19:03:31.0984 2392 [ B2D7EE52633CA8831DDAFCA81C2D46C3 ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
19:03:32.0000 2392 aswVmm - ok
19:03:32.0015 2392 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:03:32.0078 2392 AsyncMac - ok
19:03:32.0125 2392 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
19:03:32.0234 2392 atapi - ok
19:03:32.0281 2392 [ 19F277BC4CE5689F20F347A6B8AA8C42 ] AtcL001 C:\WINDOWS\system32\DRIVERS\atl01_xp.sys
19:03:32.0328 2392 AtcL001 - ok
19:03:32.0328 2392 Atdisk - ok
19:03:32.0375 2392 [ 5B80E84AF6B02ECAB72DAE9AFEE06309 ] atksgt C:\WINDOWS\system32\DRIVERS\atksgt.sys
19:03:32.0390 2392 atksgt ( UnsignedFile.Multi.Generic ) - warning
19:03:32.0390 2392 atksgt - detected UnsignedFile.Multi.Generic (1)
19:03:32.0421 2392 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:03:32.0500 2392 Atmarpc - ok
19:03:32.0531 2392 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
19:03:32.0609 2392 AudioSrv - ok
19:03:32.0656 2392 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
19:03:32.0750 2392 audstub - ok
19:03:32.0781 2392 [ 0AAF6B848185899CF76AE04E62EAB3D2 ] avast! Antivirus C:\Program Files\Alwil Software\Avast4\ashServ.exe
19:03:32.0796 2392 avast! Antivirus - ok
19:03:32.0843 2392 [ B2F564DC59B67763C73269E1A9DA7F18 ] avast! Mail Scanner C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
19:03:32.0875 2392 avast! Mail Scanner - ok
19:03:32.0906 2392 [ D86010C96ABADDA75356834D6113D37D ] avast! Web Scanner C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
19:03:32.0921 2392 avast! Web Scanner - ok
19:03:32.0984 2392 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
19:03:33.0078 2392 Beep - ok
19:03:33.0125 2392 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
19:03:33.0218 2392 BITS - ok
19:03:33.0250 2392 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
19:03:33.0296 2392 Browser - ok
19:03:33.0421 2392 catchme - ok
19:03:33.0468 2392 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
19:03:33.0562 2392 cbidf2k - ok
19:03:33.0578 2392 [ FDC06E2ADA8C468EBB161624E03976CF ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
19:03:33.0625 2392 CCDECODE - ok
19:03:33.0625 2392 cd20xrnt - ok
19:03:33.0671 2392 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
19:03:33.0750 2392 Cdaudio - ok
19:03:33.0781 2392 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
19:03:33.0875 2392 Cdfs - ok
19:03:33.0875 2392 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:03:33.0968 2392 Cdrom - ok
19:03:33.0968 2392 Changer - ok
19:03:33.0984 2392 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
19:03:34.0078 2392 CiSvc - ok
19:03:34.0093 2392 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
19:03:34.0187 2392 ClipSrv - ok
19:03:34.0234 2392 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:03:34.0265 2392 clr_optimization_v2.0.50727_32 - ok
19:03:34.0296 2392 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:03:34.0312 2392 clr_optimization_v4.0.30319_32 - ok
19:03:34.0312 2392 CmdIde - ok
19:03:34.0312 2392 COMSysApp - ok
19:03:34.0312 2392 Cpqarray - ok
19:03:34.0328 2392 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
19:03:34.0406 2392 CryptSvc - ok
19:03:34.0406 2392 dac2w2k - ok
19:03:34.0406 2392 dac960nt - ok
19:03:34.0453 2392 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
19:03:34.0484 2392 DcomLaunch - ok
19:03:34.0531 2392 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
19:03:34.0671 2392 Dhcp - ok
19:03:34.0687 2392 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
19:03:34.0781 2392 Disk - ok
19:03:34.0781 2392 dmadmin - ok
19:03:34.0812 2392 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
19:03:34.0921 2392 dmboot - ok
19:03:34.0921 2392 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
19:03:35.0015 2392 dmio - ok
19:03:35.0062 2392 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
19:03:35.0156 2392 dmload - ok
19:03:35.0203 2392 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
19:03:35.0296 2392 dmserver - ok
19:03:35.0375 2392 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
19:03:35.0484 2392 DMusic - ok
19:03:35.0546 2392 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
19:03:35.0703 2392 Dnscache - ok
19:03:35.0750 2392 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
19:03:35.0875 2392 Dot3svc - ok
19:03:35.0890 2392 dpti2o - ok
19:03:35.0921 2392 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
19:03:36.0000 2392 drmkaud - ok
19:03:36.0000 2392 EagleXNt - ok
19:03:36.0046 2392 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
19:03:36.0156 2392 EapHost - ok
19:03:36.0203 2392 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
19:03:36.0328 2392 ERSvc - ok
19:03:36.0390 2392 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
19:03:36.0437 2392 Eventlog - ok
19:03:36.0500 2392 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
19:03:36.0578 2392 EventSystem - ok
19:03:36.0765 2392 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
19:03:36.0937 2392 Fastfat - ok
19:03:36.0984 2392 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
19:03:37.0078 2392 FastUserSwitchingCompatibility - ok
19:03:37.0093 2392 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
19:03:37.0218 2392 Fdc - ok
19:03:37.0250 2392 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
19:03:37.0359 2392 Fips - ok
19:03:37.0375 2392 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
19:03:37.0453 2392 Flpydisk - ok
19:03:37.0500 2392 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
19:03:37.0625 2392 FltMgr - ok
19:03:37.0750 2392 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
19:03:37.0765 2392 FontCache3.0.0.0 - ok
19:03:37.0796 2392 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:03:37.0921 2392 Fs_Rec - ok
19:03:37.0937 2392 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:03:38.0046 2392 Ftdisk - ok
19:03:38.0046 2392 GGSAFERDriver - ok
19:03:38.0109 2392 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:03:38.0218 2392 Gpc - ok
19:03:38.0312 2392 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
19:03:38.0343 2392 gupdate - ok
19:03:38.0390 2392 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\WINDOWS\system32\DRIVERS\hamachi.sys
19:03:38.0406 2392 hamachi - ok
19:03:38.0468 2392 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
19:03:38.0640 2392 HDAudBus - ok
19:03:38.0765 2392 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:03:38.0875 2392 helpsvc - ok
19:03:38.0921 2392 [ 00E25EE90166B3E1BE6E74AEBF858306 ] HidServ C:\WINDOWS\System32\hidserv.dll
19:03:39.0046 2392 HidServ - ok
19:03:39.0093 2392 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:03:39.0218 2392 hidusb - ok
19:03:39.0328 2392 [ 1256F6834307B38594CEB034BAF52568 ] HiPatchService C:\Program Files\Hi-Rez Studios\HiPatchService.exe
19:03:39.0343 2392 HiPatchService ( UnsignedFile.Multi.Generic ) - warning
19:03:39.0343 2392 HiPatchService - detected UnsignedFile.Multi.Generic (1)
19:03:39.0406 2392 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
19:03:39.0531 2392 hkmsvc - ok
19:03:39.0546 2392 hpn - ok
19:03:39.0578 2392 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
19:03:39.0703 2392 HTTP - ok
19:03:39.0750 2392 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
19:03:39.0859 2392 HTTPFilter - ok
19:03:39.0859 2392 i2omgmt - ok
19:03:39.0859 2392 i2omp - ok
19:03:39.0890 2392 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:03:40.0000 2392 i8042prt - ok
19:03:40.0125 2392 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:03:40.0203 2392 IDriverT ( UnsignedFile.Multi.Generic ) - warning
19:03:40.0203 2392 IDriverT - detected UnsignedFile.Multi.Generic (1)
19:03:40.0281 2392 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:03:40.0328 2392 idsvc - ok
19:03:40.0359 2392 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
19:03:40.0437 2392 Imapi - ok
19:03:40.0515 2392 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
19:03:40.0625 2392 ImapiService - ok
19:03:40.0625 2392 ini910u - ok
19:03:41.0062 2392 [ CBDDAB14249B2F05407FC09AB8FFFB88 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
19:03:41.0250 2392 IntcAzAudAddService - ok
19:03:41.0265 2392 IntelIde - ok
19:03:41.0296 2392 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:03:41.0390 2392 intelppm - ok
19:03:41.0421 2392 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
19:03:41.0500 2392 Ip6Fw - ok
19:03:41.0546 2392 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:03:41.0625 2392 IpFilterDriver - ok
19:03:41.0640 2392 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:03:41.0734 2392 IpInIp - ok
19:03:41.0734 2392 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:03:41.0828 2392 IpNat - ok
19:03:41.0859 2392 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:03:41.0968 2392 IPSec - ok
19:03:42.0000 2392 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
19:03:42.0078 2392 IRENUM - ok
19:03:42.0093 2392 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:03:42.0171 2392 isapnp - ok
19:03:42.0187 2392 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:03:42.0265 2392 Kbdclass - ok
19:03:42.0312 2392 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
19:03:42.0390 2392 kbdhid - ok
19:03:42.0421 2392 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
19:03:42.0531 2392 kmixer - ok
19:03:42.0578 2392 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
19:03:42.0609 2392 KSecDD - ok
19:03:42.0656 2392 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
19:03:42.0750 2392 lanmanserver - ok
19:03:42.0796 2392 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
19:03:42.0828 2392 lanmanworkstation - ok
19:03:42.0843 2392 lbrtfdc - ok
19:03:42.0859 2392 [ 975B6CF65F44E95883F3855BAE8CECAF ] lirsgt C:\WINDOWS\system32\DRIVERS\lirsgt.sys
19:03:42.0875 2392 lirsgt ( UnsignedFile.Multi.Generic ) - warning
19:03:42.0875 2392 lirsgt - detected UnsignedFile.Multi.Generic (1)
19:03:42.0921 2392 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
19:03:43.0015 2392 LmHosts - ok
19:03:43.0078 2392 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
19:03:43.0093 2392 MDM - ok
19:03:43.0125 2392 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
19:03:43.0203 2392 Messenger - ok
19:03:43.0234 2392 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
19:03:43.0312 2392 mnmdd - ok
19:03:43.0359 2392 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
19:03:43.0437 2392 mnmsrvc - ok
19:03:43.0453 2392 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
19:03:43.0546 2392 Modem - ok
19:03:43.0546 2392 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:03:43.0640 2392 Mouclass - ok
19:03:43.0640 2392 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:03:43.0734 2392 mouhid - ok
19:03:43.0750 2392 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
19:03:43.0828 2392 MountMgr - ok
19:03:43.0843 2392 mraid35x - ok
19:03:43.0843 2392 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:03:43.0937 2392 MRxDAV - ok
19:03:43.0953 2392 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:03:44.0000 2392 MRxSmb - ok
19:03:44.0031 2392 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
19:03:44.0109 2392 MSDTC - ok
19:03:44.0125 2392 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
19:03:44.0203 2392 Msfs - ok
19:03:44.0203 2392 MSIServer - ok
19:03:44.0234 2392 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:03:44.0312 2392 MSKSSRV - ok
19:03:44.0328 2392 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:03:44.0406 2392 MSPCLOCK - ok
19:03:44.0453 2392 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
19:03:44.0703 2392 MSPQM - ok
19:03:44.0718 2392 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:03:44.0796 2392 mssmbios - ok
19:03:44.0843 2392 MSSQL$SQLEXPRESS - ok
19:03:44.0906 2392 [ F1761C8FB2B25A32C6D63E36BB88C3AE ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
19:03:44.0921 2392 MSSQLServerADHelper100 - ok
19:03:44.0953 2392 [ D5059366B361F0E1124753447AF08AA2 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
19:03:44.0984 2392 MSTEE - ok
19:03:45.0031 2392 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor C:\WINDOWS\system32\DRIVERS\ASACPI.sys
19:03:45.0062 2392 MTsensor - ok
19:03:45.0109 2392 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
19:03:45.0171 2392 Mup - ok
19:03:45.0234 2392 [ AC31B352CE5E92704056D409834BEB74 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
19:03:45.0234 2392 NABTSFEC - ok
19:03:45.0281 2392 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
19:03:45.0359 2392 napagent - ok
19:03:45.0390 2392 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
19:03:45.0515 2392 NDIS - ok
19:03:45.0531 2392 [ ABD7629CF2796250F315C1DD0B6CF7A0 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
19:03:45.0531 2392 NdisIP - ok
19:03:45.0578 2392 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:03:45.0625 2392 NdisTapi - ok
19:03:45.0671 2392 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:03:45.0750 2392 Ndisuio - ok
19:03:45.0750 2392 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:03:45.0828 2392 NdisWan - ok
19:03:45.0875 2392 [ 2F597BB467E05B1FE3830EABD821B8E0 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
19:03:45.0968 2392 NDProxy - ok
19:03:46.0000 2392 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
19:03:46.0078 2392 NetBIOS - ok
19:03:46.0109 2392 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
19:03:46.0187 2392 NetBT - ok
19:03:46.0203 2392 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
19:03:46.0281 2392 NetDDE - ok
19:03:46.0281 2392 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
19:03:46.0375 2392 NetDDEdsdm - ok
19:03:46.0406 2392 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
19:03:46.0484 2392 Netlogon - ok
19:03:46.0500 2392 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
19:03:46.0625 2392 Netman - ok
19:03:46.0671 2392 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:03:46.0671 2392 NetTcpPortSharing - ok
19:03:46.0703 2392 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
19:03:46.0781 2392 NIC1394 - ok
19:03:46.0796 2392 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
19:03:46.0828 2392 Nla - ok
19:03:46.0859 2392 [ B9730495E0CF674680121E34BD95A73B ] npf C:\WINDOWS\system32\drivers\npf.sys
19:03:46.0859 2392 npf - ok
19:03:46.0875 2392 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
19:03:46.0968 2392 Npfs - ok
19:03:46.0984 2392 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
19:03:47.0078 2392 Ntfs - ok
19:03:47.0109 2392 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
19:03:47.0187 2392 NtLmSsp - ok
19:03:47.0203 2392 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
19:03:47.0312 2392 NtmsSvc - ok
19:03:47.0328 2392 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
19:03:47.0421 2392 Null - ok
19:03:47.0625 2392 [ A05D99CBF55EB493C9E82B4BCA848EF5 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
19:03:47.0859 2392 nv - ok
19:03:47.0875 2392 [ A86A2F2B2BF5D5EED075B6417DE5CF1C ] nvsvc C:\WINDOWS\system32\nvsvc32.exe
19:03:47.0890 2392 nvsvc - ok
19:03:47.0937 2392 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:03:48.0031 2392 NwlnkFlt - ok
19:03:48.0031 2392 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:03:48.0125 2392 NwlnkFwd - ok
19:03:48.0140 2392 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
19:03:48.0234 2392 ohci1394 - ok
19:03:48.0281 2392 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:03:48.0296 2392 ose - ok
19:03:48.0328 2392 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\drivers\Parport.sys
19:03:48.0406 2392 Parport - ok
19:03:48.0406 2392 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
19:03:48.0500 2392 PartMgr - ok
19:03:48.0531 2392 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
19:03:48.0625 2392 ParVdm - ok
19:03:48.0640 2392 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
19:03:48.0718 2392 PCI - ok
19:03:48.0718 2392 PCIDump - ok
19:03:48.0734 2392 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
19:03:48.0812 2392 PCIIde - ok
19:03:48.0828 2392 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
19:03:48.0906 2392 Pcmcia - ok
19:03:48.0906 2392 PDCOMP - ok
19:03:48.0906 2392 PDFRAME - ok
19:03:48.0906 2392 PDRELI - ok
19:03:48.0906 2392 PDRFRAME - ok
19:03:48.0906 2392 perc2 - ok
19:03:48.0921 2392 perc2hib - ok
19:03:48.0953 2392 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
19:03:49.0000 2392 PlugPlay - ok
19:03:49.0046 2392 [ 1713D9DE407313138118D501B0E3C05B ] PnkBstrA C:\WINDOWS\system32\PnkBstrA.exe
19:03:49.0062 2392 PnkBstrA - ok
19:03:49.0062 2392 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
19:03:49.0140 2392 PolicyAgent - ok
19:03:49.0171 2392 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:03:49.0250 2392 PptpMiniport - ok
19:03:49.0250 2392 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
19:03:49.0328 2392 ProtectedStorage - ok
19:03:49.0328 2392 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
19:03:49.0437 2392 PSched - ok
19:03:49.0437 2392 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:03:49.0515 2392 Ptilink - ok
19:03:49.0515 2392 ql1080 - ok
19:03:49.0515 2392 Ql10wnt - ok
19:03:49.0531 2392 ql12160 - ok
19:03:49.0531 2392 ql1240 - ok
19:03:49.0531 2392 ql1280 - ok
19:03:49.0546 2392 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:03:49.0640 2392 RasAcd - ok
19:03:49.0687 2392 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
19:03:49.0781 2392 RasAuto - ok
19:03:49.0781 2392 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:03:49.0859 2392 Rasl2tp - ok
19:03:49.0890 2392 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
19:03:49.0968 2392 RasMan - ok
19:03:49.0968 2392 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:03:50.0046 2392 RasPppoe - ok
19:03:50.0046 2392 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
19:03:50.0156 2392 Raspti - ok
19:03:50.0156 2392 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:03:50.0250 2392 Rdbss - ok
19:03:50.0250 2392 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:03:50.0343 2392 RDPCDD - ok
19:03:50.0359 2392 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:03:50.0437 2392 rdpdr - ok
19:03:50.0484 2392 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
19:03:50.0531 2392 RDPWD - ok
19:03:50.0546 2392 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
19:03:50.0656 2392 RDSessMgr - ok
19:03:50.0687 2392 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
19:03:50.0765 2392 redbook - ok
19:03:50.0781 2392 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
19:03:50.0890 2392 RemoteAccess - ok
19:03:50.0906 2392 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
19:03:50.0984 2392 RemoteRegistry - ok
19:03:51.0031 2392 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
19:03:51.0140 2392 RpcLocator - ok
19:03:51.0187 2392 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\System32\rpcss.dll
19:03:51.0218 2392 RpcSs - ok
19:03:51.0265 2392 [ FEDD2710B75BE3ECF078ADACE790C423 ] RsFx0102 C:\WINDOWS\system32\DRIVERS\RsFx0102.sys
19:03:51.0281 2392 RsFx0102 - ok
19:03:51.0312 2392 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
19:03:51.0406 2392 RSVP - ok
19:03:51.0437 2392 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
19:03:51.0515 2392 SamSs - ok
19:03:51.0546 2392 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
19:03:51.0656 2392 SCardSvr - ok
19:03:51.0671 2392 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
19:03:51.0859 2392 Schedule - ok
19:03:51.0890 2392 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:03:52.0015 2392 Secdrv - ok
19:03:52.0046 2392 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
19:03:52.0171 2392 seclogon - ok
19:03:52.0187 2392 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
19:03:52.0281 2392 SENS - ok
19:03:52.0296 2392 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
19:03:52.0390 2392 serenum - ok
19:03:52.0406 2392 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
19:03:52.0484 2392 Serial - ok
19:03:52.0531 2392 [ 0B179A959FF6B6CA5927D4F255AB9F90 ] sfdrv01 C:\WINDOWS\system32\drivers\sfdrv01.sys
19:03:52.0531 2392 sfdrv01 ( UnsignedFile.Multi.Generic ) - warning
19:03:52.0531 2392 sfdrv01 - detected UnsignedFile.Multi.Generic (1)
19:03:52.0531 2392 [ 15BE2B5E4DC5B8623CF167720682ABC9 ] sfhlp02 C:\WINDOWS\system32\drivers\sfhlp02.sys
19:03:52.0546 2392 sfhlp02 ( UnsignedFile.Multi.Generic ) - warning
19:03:52.0546 2392 sfhlp02 - detected UnsignedFile.Multi.Generic (1)
19:03:52.0546 2392 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
19:03:52.0640 2392 Sfloppy - ok
19:03:52.0640 2392 [ A62EFE6AA55C6A599DDBB6BD00E8FB9C ] sfsync02 C:\WINDOWS\system32\drivers\sfsync02.sys
19:03:52.0640 2392 sfsync02 ( UnsignedFile.Multi.Generic ) - warning
19:03:52.0640 2392 sfsync02 - detected UnsignedFile.Multi.Generic (1)
19:03:52.0656 2392 [ D7AE22C19B19916C011DD82DB343539F ] sfvfs02 C:\WINDOWS\system32\drivers\sfvfs02.sys
19:03:52.0656 2392 sfvfs02 ( UnsignedFile.Multi.Generic ) - warning
19:03:52.0656 2392 sfvfs02 - detected UnsignedFile.Multi.Generic (1)
19:03:52.0671 2392 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
19:03:52.0765 2392 SharedAccess - ok
19:03:52.0781 2392 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:03:52.0796 2392 ShellHWDetection - ok
19:03:52.0796 2392 Simbad - ok
19:03:52.0843 2392 [ 1FFC44D6787EC1EA9A2B1440A90FA5C1 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
19:03:52.0859 2392 SLIP - ok
19:03:52.0859 2392 Sparrow - ok
19:03:52.0875 2392 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
19:03:52.0953 2392 splitter - ok
19:03:53.0031 2392 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
19:03:53.0093 2392 Spooler - ok
19:03:53.0156 2392 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
19:03:53.0156 2392 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
19:03:53.0156 2392 sptd ( LockedFile.Multi.Generic ) - warning
19:03:53.0156 2392 sptd - detected LockedFile.Multi.Generic (1)
19:03:53.0203 2392 [ EB2FD937449B7ACEB39372F875EB8E78 ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
19:03:53.0234 2392 SQLAgent$SQLEXPRESS - ok
19:03:53.0281 2392 [ 99DE6ACFA5CA83FAD6A765C81C6F129F ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
19:03:53.0312 2392 SQLBrowser - ok
19:03:53.0343 2392 [ 637A0F23F9012358E92E6F99835494D1 ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
19:03:53.0359 2392 SQLWriter - ok
19:03:53.0375 2392 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
19:03:53.0468 2392 sr - ok
19:03:53.0500 2392 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
19:03:53.0625 2392 srservice - ok
19:03:53.0640 2392 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
19:03:53.0687 2392 Srv - ok
19:03:53.0703 2392 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
19:03:53.0781 2392 SSDPSRV - ok
19:03:53.0812 2392 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
19:03:53.0937 2392 stisvc - ok
19:03:53.0984 2392 [ A9F9FD0212E572B84EDB9EB661F6BC04 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:03:54.0000 2392 streamip - ok
19:03:54.0015 2392 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
19:03:54.0093 2392 swenum - ok
19:03:54.0109 2392 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
19:03:54.0203 2392 swmidi - ok
19:03:54.0203 2392 SwPrv - ok
19:03:54.0203 2392 symc810 - ok
19:03:54.0203 2392 symc8xx - ok
19:03:54.0203 2392 sym_hi - ok
19:03:54.0218 2392 sym_u3 - ok
19:03:54.0234 2392 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
19:03:54.0328 2392 sysaudio - ok
19:03:54.0343 2392 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
19:03:54.0437 2392 SysmonLog - ok
19:03:54.0453 2392 [ B7AEE68D2E867CBF69B649B18FCEDBBB ] tap0901t C:\WINDOWS\system32\DRIVERS\tap0901t.sys
19:03:54.0453 2392 tap0901t ( UnsignedFile.Multi.Generic ) - warning
19:03:54.0453 2392 tap0901t - detected UnsignedFile.Multi.Generic (1)
19:03:54.0468 2392 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
19:03:54.0578 2392 TapiSrv - ok
19:03:54.0609 2392 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:03:54.0671 2392 Tcpip - ok
19:03:54.0687 2392 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
19:03:54.0781 2392 TDPIPE - ok
19:03:54.0796 2392 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
19:03:54.0875 2392 TDTCP - ok
19:03:54.0906 2392 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
19:03:55.0000 2392 TermDD - ok
19:03:55.0031 2392 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
19:03:55.0125 2392 TermService - ok
19:03:55.0156 2392 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
19:03:55.0171 2392 Themes - ok
19:03:55.0187 2392 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
19:03:55.0281 2392 TlntSvr - ok
19:03:55.0296 2392 TosIde - ok
19:03:55.0296 2392 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
19:03:55.0390 2392 TrkWks - ok
19:03:55.0453 2392 [ 3ADBC52F03E9DA362D334943D6FCFD28 ] TunngleService C:\Program Files\Tunngle\TnglCtrl.exe
19:03:55.0515 2392 TunngleService ( UnsignedFile.Multi.Generic ) - warning
19:03:55.0515 2392 TunngleService - detected UnsignedFile.Multi.Generic (1)
19:03:55.0531 2392 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
19:03:55.0656 2392 Udfs - ok
19:03:55.0656 2392 ultra - ok
19:03:55.0671 2392 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
19:03:55.0750 2392 Update - ok
19:03:55.0781 2392 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
19:03:55.0859 2392 upnphost - ok
19:03:55.0890 2392 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
19:03:55.0968 2392 UPS - ok
19:03:56.0015 2392 [ 1B611611C28D2DF25BC057D79C6F13FC ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:03:56.0062 2392 usbccgp - ok
19:03:56.0078 2392 [ 4BAC8DF07F1D8434FC640E677A62204E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:03:56.0109 2392 usbehci - ok
19:03:56.0140 2392 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:03:56.0218 2392 usbhub - ok
19:03:56.0265 2392 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:03:56.0359 2392 usbprint - ok
19:03:56.0390 2392 [ F8EDE2B6928970DCE3D5614C27D9E7F6 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:03:56.0468 2392 usbscan - ok
19:03:56.0484 2392 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:03:56.0578 2392 USBSTOR - ok
19:03:56.0593 2392 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:03:56.0671 2392 usbuhci - ok
19:03:56.0718 2392 [ 813236B1183CFCF289E367BD5DE6E29E ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
19:03:56.0765 2392 usbvideo - ok
19:03:56.0796 2392 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
19:03:56.0875 2392 VgaSave - ok
19:03:56.0875 2392 ViaIde - ok
19:03:56.0890 2392 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
19:03:56.0968 2392 VolSnap - ok
19:03:56.0984 2392 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
19:03:57.0078 2392 VSS - ok
19:03:57.0109 2392 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
19:03:57.0218 2392 W32Time - ok
19:03:57.0218 2392 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:03:57.0296 2392 Wanarp - ok
19:03:57.0296 2392 WDICA - ok
19:03:57.0312 2392 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
19:03:57.0406 2392 wdmaud - ok
19:03:57.0406 2392 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
19:03:57.0500 2392 WebClient - ok
19:03:57.0593 2392 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
19:03:57.0687 2392 winmgmt - ok
19:03:57.0781 2392 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:03:57.0843 2392 wlidsvc - ok
19:03:57.0875 2392 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
19:03:57.0937 2392 WmdmPmSN - ok
19:03:57.0968 2392 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
19:03:58.0000 2392 Wmi - ok
19:03:58.0046 2392 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:03:58.0171 2392 WmiApSrv - ok
19:03:58.0234 2392 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
19:03:58.0328 2392 WMPNetworkSvc - ok
19:03:58.0437 2392 [ 15673BD0B86150CB8E27766059C72A9B ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:03:58.0484 2392 WPFFontCache_v0400 - ok
19:03:58.0515 2392 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
19:03:58.0609 2392 WS2IFSL - ok
19:03:58.0656 2392 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
19:03:58.0750 2392 wscsvc - ok
19:03:58.0796 2392 [ 233CDD1C06942115802EB7CE6669E099 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:03:58.0812 2392 WSTCODEC - ok
19:03:58.0812 2392 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
19:03:58.0890 2392 wuauserv - ok
19:03:58.0906 2392 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:03:58.0937 2392 WudfPf - ok
19:03:58.0937 2392 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:03:58.0953 2392 WudfRd - ok
19:03:59.0000 2392 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
19:03:59.0015 2392 WudfSvc - ok
19:03:59.0062 2392 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
19:03:59.0140 2392 WZCSVC - ok
19:03:59.0156 2392 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
19:03:59.0281 2392 xmlprov - ok
19:03:59.0281 2392 ================ Scan global ===============================
19:03:59.0328 2392 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
19:03:59.0375 2392 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6 ] C:\WINDOWS\system32\winsrv.dll
19:03:59.0390 2392 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6 ] C:\WINDOWS\system32\winsrv.dll
19:03:59.0406 2392 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
19:03:59.0406 2392 [Global] - ok
19:03:59.0406 2392 ================ Scan MBR ==================================
19:03:59.0421 2392 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
19:03:59.0578 2392 \Device\Harddisk0\DR0 - ok
19:03:59.0578 2392 ================ Scan VBR ==================================
19:03:59.0578 2392 [ 447041B57D7FFB60208BD6E32E4EDFE3 ] \Device\Harddisk0\DR0\Partition1
19:03:59.0578 2392 \Device\Harddisk0\DR0\Partition1 - ok
19:03:59.0578 2392 ============================================================
19:03:59.0578 2392 Scan finished
19:03:59.0578 2392 ============================================================
19:03:59.0703 3736 Detected object count: 11
19:03:59.0703 3736 Actual detected object count: 11
19:04:37.0531 3736 atksgt ( UnsignedFile.Multi.Generic ) - skipped by user
19:04:37.0531 3736 atksgt ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:04:37.0531 3736 HiPatchService ( UnsignedFile.Multi.Generic ) - skipped by user
19:04:37.0531 3736 HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:04:37.0531 3736 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
19:04:37.0531 3736 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:04:37.0531 3736 lirsgt ( UnsignedFile.Multi.Generic ) - skipped by user
19:04:37.0531 3736 lirsgt ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:04:37.0531 3736 sfdrv01 ( UnsignedFile.Multi.Generic ) - skipped by user
19:04:37.0531 3736 sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:04:37.0546 3736 sfhlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
19:04:37.0546 3736 sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:04:37.0546 3736 sfsync02 ( UnsignedFile.Multi.Generic ) - skipped by user
19:04:37.0546 3736 sfsync02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:04:37.0546 3736 sfvfs02 ( UnsignedFile.Multi.Generic ) - skipped by user
19:04:37.0546 3736 sfvfs02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:04:37.0546 3736 sptd ( LockedFile.Multi.Generic ) - skipped by user
19:04:37.0546 3736 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
19:04:37.0546 3736 tap0901t ( UnsignedFile.Multi.Generic ) - skipped by user
19:04:37.0546 3736 tap0901t ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:04:37.0546 3736 TunngleService ( UnsignedFile.Multi.Generic ) - skipped by user
19:04:37.0546 3736 TunngleService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:04:46.0156 2828 Deinitialize success

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Overloaded PC

#51 Post by Márty84 »

This is fine.

papperwing
Visitor
Posts: 139
Registered: 13 Mar 2013 20:34

Re: Overloaded PC

#52 Post by papperwing »

As for MBAR, it did not find anything. So no log popped up.

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Overloaded PC

#53 Post by Márty84 »

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner and save it to your desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Run it.
Click Scan and wait for the scan to finish.
Then click Clean.
The program will start working (the PC may restart) and will produce a log (or it will be here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.

papperwing
Visitor
Posts: 139
Registered: 13 Mar 2013 20:34

Re: Overloaded PC

#54 Post by papperwing »

# AdwCleaner v3.204 - Report created 27/04/2014 at 19:42:08
# Updated 26/04/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : TEST1 - TEST-45256F6D53
# Running from : C:\Documents and Settings\TEST1\Dokumenty\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\WINDOWS\system32\ARFC
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ADDICT-THING
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
Folder Deleted : C:\Documents and Settings\All Users\Dokumenty\AlawarWrapper
[!] Folder Deleted : C:\Documents and Settings\test\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fagjbgmbhpepiioffbjlmoncpkalefph
[!] Folder Deleted : C:\Documents and Settings\TEST1\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fagjbgmbhpepiioffbjlmoncpkalefph
File Deleted : C:\Program Files\Mozilla Firefox\user.js
File Deleted : C:\Documents and Settings\test\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\test\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\test\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage-journal

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fagjbgmbhpepiioffbjlmoncpkalefph
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Key Deleted : HKLM\Software\dt soft\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\daemon tools toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Google Chrome v34.0.1847.131

[ File : C:\Documents and Settings\test\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=5E934416-A3AD-4368-A0CD-BA3C6B5E0D84&apn_ptnrs=U3&apn_sauid=882ED973-3503-464F-A012-43C2127BA9CE&apn_dtid=OSJ000YYCZ&q={searchTerms}
Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Deleted [Search Provider] : hxxp://eu.wowarmory.com/search.xml?searchQuery={searchTerms}&searchType=all
Deleted [Extension] : fagjbgmbhpepiioffbjlmoncpkalefph

[ File : C:\Documents and Settings\TEST1\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : fagjbgmbhpepiioffbjlmoncpkalefph

*************************

AdwCleaner[R0].txt - [3061 octets] - [27/04/2014 19:41:03]
AdwCleaner[S0].txt - [3032 octets] - [27/04/2014 19:42:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3092 octets] ##########

Here is the log.

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Overloaded PC

#55 Post by Márty84 »

Post a new log from RSIT.

papperwing
Visitor
Posts: 139
Registered: 13 Mar 2013 20:34

Re: Overloaded PC

#56 Post by papperwing »

Logfile of random's system information tool 1.09 (written by random/random)
Run by TEST1 at 2014-04-27 19:48:43
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 140 GB (29%) free of 477 GB
Total RAM: 2047 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:48:49, on 27.4.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hi-Rez Studios\HiPatchService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PnkBstrA.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tunngle\TnglCtrl.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\test\Plocha\čistící nástroje\RSIT.exe
C:\Program Files\trend micro\TEST1.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} - http://www.facebook.com/fbplugin/win32/ ... 5574324875
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6177409987
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/stati ... 0.66.2.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files\Hi-Rez Studios\HiPatchService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe

--
End of file - 7371 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
C:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-16 462248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-04-26 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-16 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-03-21 16126464]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-11-20 110184]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-11-20 12669544]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-04-26 3873704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Warcraft III\Warcraft III.exe"="C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Games\World_of_Tanks\WorldOfTanks.exe"="C:\Games\World_of_Tanks\WorldOfTanks.exe:*:Enabled:World of Tanks"
"C:\Program Files\World_of_Warplanes\World_of_Warplanes\WorldOfWarplanes.exe"="C:\Program Files\World_of_Warplanes\World_of_Warplanes\WorldOfWarplanes.exe:*:Enabled:World of Warplanes"
"C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe:*:Enabled:Assassin's Creed II"
"C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe:*:Enabled:Assassin's Creed II Update"
"C:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe:*:Enabled:Assassin's Creed II Uplay"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\World of Warcraft\Launcher.patch.exe"="C:\Program Files\World of Warcraft\Launcher.patch.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\World_of_Warplanes\World_of_Warplanes\WOWpLauncher.exe"="C:\Program Files\World_of_Warplanes\World_of_Warplanes\WOWpLauncher.exe:*:Enabled:World of Warplanes Launcher"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"\??\C:\WINDOWS\system32\winlogon.exe"="\??\C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon"
"C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe"="C:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe:*:Enabled:Dota 2"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\WINDOWS\system32\javaw.exe"="C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe"="C:\Program Files\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe:*:Enabled:Mount & Blade: Warband"
"C:\Soldat\Soldat.exe"="C:\Soldat\Soldat.exe:*:Enabled:http://soldat.pl"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Documents and Settings\test\Plocha\Age of Empires II - Conquerors\age2_x1.exe"="C:\Documents and Settings\test\Plocha\Age of Empires II - Conquerors\age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"C:\Program Files\Java\jre7\bin\javaw.exe"="C:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\Program Files\Battle.net\Battle.net.exe"="C:\Program Files\Battle.net\Battle.net.exe:*:Enabled:Battle.net"
"C:\Program Files\Hearthstone\Hearthstone.exe"="C:\Program Files\Hearthstone\Hearthstone.exe:*:Enabled:Hearthstone"
"C:\Program Files\Steam\SteamApps\common\Loadout\Loadout.exe"="C:\Program Files\Steam\SteamApps\common\Loadout\Loadout.exe:*:Enabled:Loadout"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.beta.2638\Agent.exe"="C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.beta.2638\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.beta.2737\Agent.exe"="C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.beta.2737\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.2717\Agent.exe"="C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.2717\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.2816\Agent.exe"="C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.2816\Agent.exe:*:Enabled:Battle.net Update Agent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"VIDC.FPS1"=frapsvid.dll
"MSVideo8"=VfWWDM32.dll

======List of files/folders created in the last 1 month======

2014-04-27 19:41:38 ----A---- C:\WINDOWS\system32\sqlite3.dll
2014-04-27 19:41:01 ----D---- C:\AdwCleaner
2014-04-27 19:09:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes' Anti-Malware (portable)
2014-04-27 19:09:46 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2014-04-27 19:08:47 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-04-27 19:02:53 ----A---- C:\TDSSKiller.2.8.16.0_27.04.2014_19.02.53_log.txt
2014-04-26 23:21:11 ----D---- C:\Documents and Settings\TEST1\Data aplikací\Adobe
2014-04-26 23:21:07 ----D---- C:\Documents and Settings\TEST1\Data aplikací\AVAST Software
2014-04-26 23:01:52 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2014-04-26 23:01:51 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2014-04-26 23:01:50 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2014-04-26 23:01:50 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2014-04-26 23:01:41 ----A---- C:\WINDOWS\avastSS.scr
2014-04-26 22:56:27 ----D---- C:\Program Files\AVAST Software
2014-04-26 22:55:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2014-04-26 22:53:10 ----A---- C:\WINDOWS\resetlog.txt
2014-04-26 20:57:15 ----SHD---- C:\RECYCLER
2014-04-26 20:30:11 ----SD---- C:\Nombr
2014-04-26 18:19:18 ----A---- C:\WINDOWS\zip.exe
2014-04-26 18:19:18 ----A---- C:\WINDOWS\SWXCACLS.exe
2014-04-26 18:19:18 ----A---- C:\WINDOWS\SWSC.exe
2014-04-26 18:19:18 ----A---- C:\WINDOWS\SWREG.exe
2014-04-26 18:19:18 ----A---- C:\WINDOWS\sed.exe
2014-04-26 18:19:18 ----A---- C:\WINDOWS\PEV.exe
2014-04-26 18:19:18 ----A---- C:\WINDOWS\NIRCMD.exe
2014-04-26 18:19:18 ----A---- C:\WINDOWS\MBR.exe
2014-04-26 18:19:18 ----A---- C:\WINDOWS\grep.exe
2014-04-26 18:13:58 ----D---- C:\WINDOWS\erdnt
2014-04-26 16:04:25 ----D---- C:\_OTM
2014-04-26 14:35:27 ----D---- C:\Documents and Settings\TEST1\Data aplikací\Sun
2014-04-26 12:05:06 ----D---- C:\Documents and Settings\TEST1\Data aplikací\Malwarebytes
2014-04-26 12:02:00 ----A---- C:\WINDOWS\ntbtlog.txt
2014-04-26 11:08:29 ----D---- C:\Program Files\trend micro
2014-04-26 10:30:10 ----D---- C:\rsit
2014-04-26 10:22:20 ----D---- C:\Documents and Settings\TEST1\Data aplikací\Google
2014-04-26 10:21:46 ----D---- C:\Documents and Settings\TEST1\Data aplikací\Seznam.cz
2014-04-09 21:48:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2922229$
2014-03-28 00:05:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2934207$

======List of files/folders modified in the last 1 month======

2014-04-27 19:44:54 ----D---- C:\WINDOWS\temp
2014-04-27 19:43:13 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-04-27 19:43:09 ----D---- C:\WINDOWS\system32\CatRoot2
2014-04-27 19:42:09 ----D---- C:\Program Files\Mozilla Firefox
2014-04-27 19:42:08 ----D---- C:\WINDOWS\system32
2014-04-27 19:41:04 ----D---- C:\WINDOWS\Prefetch
2014-04-27 19:09:46 ----D---- C:\WINDOWS\system32\drivers
2014-04-27 19:02:27 ----D---- C:\Program Files
2014-04-27 16:30:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2014-04-27 00:58:41 ----SHD---- C:\WINDOWS\Installer
2014-04-27 00:58:33 ----D---- C:\WINDOWS
2014-04-27 00:58:09 ----RSD---- C:\WINDOWS\assembly
2014-04-26 23:05:39 ----SD---- C:\Documents and Settings\TEST1\Data aplikací\Microsoft
2014-04-26 23:05:21 ----SD---- C:\WINDOWS\Tasks
2014-04-26 23:05:07 ----D---- C:\Program Files\Google
2014-04-26 23:01:47 ----D---- C:\WINDOWS\WinSxS
2014-04-26 22:53:13 ----D---- C:\WINDOWS\system32\drivers\etc
2014-04-26 20:33:44 ----D---- C:\Qoobox
2014-04-26 19:48:05 ----A---- C:\WINDOWS\system.ini
2014-04-26 19:43:49 ----D---- C:\WINDOWS\AppPatch
2014-04-26 19:43:47 ----D---- C:\Program Files\Common Files
2014-04-26 14:28:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2727528$
2014-04-25 23:10:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\PMB Files
2014-04-25 20:29:37 ----D---- C:\Program Files\Warcraft III
2014-04-21 21:47:21 ----A---- C:\WINDOWS\NeroDigital.ini
2014-04-11 08:00:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-10 14:29:23 ----HD---- C:\WINDOWS\inf
2014-04-09 21:48:51 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-04-09 21:48:03 ----A---- C:\WINDOWS\imsins.BAK
2014-04-09 21:47:54 ----D---- C:\Program Files\Internet Explorer
2014-04-09 21:47:43 ----D---- C:\WINDOWS\ie8updates
2014-03-31 20:18:22 ----D---- C:\WINDOWS\Minidump
2014-03-28 17:21:13 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2014-03-28 17:20:57 ----RSD---- C:\WINDOWS\Fonts

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-04-26 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-04-26 180632]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-05-17 50176]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2005-05-16 19968]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-06-27 66560]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-04-07 691696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-04-26 776976]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-04-26 24184]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-10-16 165376]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2010-10-16 18048]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2009-11-16 50704]
R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2007-03-15 38656]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-03-27 4395008]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-14 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-11-21 10235968]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\WINDOWS\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 ajwah1f3;ajwah1f3; C:\WINDOWS\system32\drivers\ajwah1f3.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\TEST1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena Classic\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 RsFx0102;RsFx0102 Driver; C:\WINDOWS\system32\DRIVERS\RsFx0102.sys [2008-07-10 242712]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [2013-02-09 8704]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2008-07-11 40999448]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-11-20 154216]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2013-06-17 75136]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 98840]
R2 TunngleService;TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [2010-02-13 685816]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-16 135664]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Služba Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-11 47128]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-11 369688]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-07-10 258072]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Clogged PC

#57 Post by Márty84 »

:!: If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option "Otevřít normálně" (Open normally).
:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe , save it to the desktop and run it.
Tick the checkboxes for "Pro všechny uživatele" (For all users), "Kontrola na havěť LOP" (LOP malware check) and "Kontrola na havěť Purity" (Purity malware check).
Paste the following text into the bottom window:

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Click "Prohledat" (Scan).
After the scan, two logs are created (OTL.Txt and Extras.txt); paste both here (if they are long, split them across several posts).

papperwing
Visitor
Posts: 139
Registered: 13 Mar 2013 20:34

Re: Clogged PC

#58 Post by papperwing »

Something completely blocked my Avast right after startup. Once again I can't connect to the internet. Can I use WSF again? I am leaving home today, and my brother will continue the cleanup. Unfortunately, he won't have another computer. So if the connection doesn't work normally, can WSF be used?

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Clogged PC

#59 Post by Márty84 »

Feel free to use WSF.

papperwing
Visitor
Posts: 139
Registered: 13 Mar 2013 20:34

Re: Clogged PC

#60 Post by papperwing »

Hello, so I'm here and I wanted to ask what I should do.

Locked