probably some virus??

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: probably some virus??

#16 Post by Márty84 »

:arrow:
vyosek wrote: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave the checkbox ticked only for the Remote disinfection tools option
  • Click Run
:arrow: Download CCleaner http://www.filehippo.com/download_ccleaner and run it.
During installation, watch out for the toolbar (or other add-ons); if it offers to install one, untick the checkbox.
After launch you will be in the Cleaner function. There are many checkboxes on the left. Pay particular attention to the Recycle Bin: if you leave it ticked, it will always be emptied.
Also, depending on how it is configured, it will delete all passwords saved on the web!!! So if you have the computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. mail, Facebook, various forums, etc.)
Click Analyze and, once the analysis finishes, click Run Cleaner.
Then click the Registry function on the left
Click Scan for problems; when it finds some, click Fix problems. It will offer you a backup; make it and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!
(If the PC has multiple user accounts, use the program in each of them as well)

:arrow: Defragment the disk(s) (not SSD disks!)
Download the Defraggler program http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
During installation, again watch out for the toolbar and other junk.
After installing, run the program and click Analyze; after the analysis click Defragment, and the program will do its job.

:arrow: Then write how the PC is doing.
If you have a question that is not meant for the public, you can write to me at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will now be on the forum less often. If you have to wait longer for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

dapemato
Visitor
Posts: 97
Joined: 26 Jul 2011 14:20

Re: probably some virus??

#17 Post by dapemato »

so I'm running the defragmentation for the second time now, it's taking rather long, all evening yesterday... so now I'm trying again; apart from that Skype has stopped working, mail on Seznam won't open either, and Avast, even though I tried reinstalling it, keeps reporting the same blocking of 4 recurring links :cry:

on top of that, a moment ago the PC jumped into safe mode, some kind of system threat...

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: probably some virus??

#18 Post by Márty84 »

So let's look deeper :dunno:

:!: If you haven't already, better back up your important data (photos, documents, etc.) :!:

:!: Do not use ComboFix without prior agreement! It is a violation of the forum rules and you will lose your entitlement to help!

:arrow: Download ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to the desktop.
Turn off the antivirus and any other security software.
Run ComboFix.
Accept the license terms and let the program work. If it offers to install the Recovery Console, agree.
During the scan, do not launch anything and do not click anywhere.
After the scan completes (the PC may also restart), a log should be created, located at C:\ComboFix.txt
Copy its contents here

:!: If Windows does not start after the restart, restart again, keep pressing the F8 key and choose Last Known Good Configuration
:!: If Windows starts but an error is reported when launching various programs, just restart the PC and it will be fine

dapemato
Visitor
Posts: 97
Joined: 26 Jul 2011 14:20

Re: probably some virus??

#19 Post by dapemato »

here it is... :)

ComboFix 15-01-22.02 - Uživatel 22.01.2015 17:17:33.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3071.2213 [GMT 1:00]
Spuštěný z: c:\documents and settings\U×ivatel\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Uživatel\Local Settings\Data aplikací\MSGBOX.EXE
c:\program files\Internet Explorer\SETD8.tmp
c:\program files\Internet Explorer\SETDA.tmp
c:\windows\msdownld.tmp
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system64
c:\windows\system64\msvcp100.dll
c:\windows\system64\msvcr100.dll
.
Nakažená kopie c:\windows\system32\Drivers\atapi.sys byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-12-22 do 2015-01-22 )))))))))))))))))))))))))))))))
.
.
2015-01-21 17:21 . 2015-01-21 17:21 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\AVAST Software
2015-01-21 17:20 . 2015-01-21 17:20 -------- d-----w- c:\windows\jumpshot.com
2015-01-21 17:19 . 2015-01-21 17:18 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-01-21 17:18 . 2015-01-21 17:18 291352 ----a-w- c:\windows\system32\aswBoot.exe
2015-01-21 17:18 . 2015-01-21 17:18 43152 ----a-w- c:\windows\avastSS.scr
2015-01-21 17:17 . 2015-01-21 17:18 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-01-21 17:17 . 2015-01-21 17:18 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-01-21 17:17 . 2015-01-21 17:18 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-01-21 17:09 . 2015-01-21 17:25 423784 ----a-w- c:\windows\system32\drivers\aswsp.sys
2015-01-21 17:09 . 2015-01-21 17:18 57928 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2015-01-21 17:09 . 2015-01-21 17:18 55240 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2015-01-21 17:09 . 2015-01-21 17:25 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2015-01-18 13:25 . 2015-01-18 13:25 -------- d-----w- c:\documents and settings\U×ivatel
2015-01-17 12:48 . 2015-01-17 12:48 -------- d-----w- c:\windows\ERUNT
2015-01-15 14:28 . 2015-01-22 12:52 -------- d-----w- c:\documents and settings\All Users\Data aplikací\CenlEdosu
2015-01-03 11:06 . 2015-01-03 11:06 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\Mozilla
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-14 15:24 . 2013-04-27 10:15 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-01-14 15:24 . 2013-04-27 10:15 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-10-26 09:37 . 2014-05-10 15:42 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-10-26 09:37 . 2014-05-10 15:42 146432 ----a-w- c:\windows\system32\javacpl.cpl
2014-03-18 20:54 . 2014-03-18 20:54 33908960 ----a-w- c:\program files\AvatarGameCZ.exe
2013-10-04 14:33 . 2013-10-04 14:33 4241280 ----a-w- c:\program files\dffsetup-d3d11.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-01-21 17:18 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cfweatherStation"="c:\program files\Weather\Weather.exe" [2008-07-16 536064]
"Zoner Photo Studio Autoupdate"="c:\program files\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE" [2012-12-04 773728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2013-03-15 15668512]
"NvMediaCenter"="NvMCTray.dll" [2013-03-15 223008]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2013-03-15 1982312]
"RTHDCPL"="RTHDCPL.EXE" [2013-04-23 18702336]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-12-13 3838800]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-01-21 5227112]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /M:203cdca2 /dir:C:\Program
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\TopCD\\Traktor 3\\farm2012.dll"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Battle.net\\Agent\\Agent.2045\\Agent.exe"=
"c:\\Games\\World_of_Tanks\\WoTLauncher.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Mafia II\\pc\\mafia2.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\TopCD\\Traktor 2\\game.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"c:\\Games\\World_of_Tanks\\WorldOfTanks.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Electronic Arts\\Need For Speed World\\Data\\nfsw.exe"=
"c:\\Program Files\\Ubisoft\\James Cameron's AVATAR - THE GAME\\bin\\Avatar.exe"=
"c:\\Program Files\\Ubisoft\\James Cameron's AVATAR - THE GAME\\bin\\AvatarLauncher.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Battle.net\\Agent\\Agent.2880\\Agent.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\LEGO Marvel Super Heroes\\LEGOMARVEL.exe"=
"c:\\Program Files\\EA GAMES\\Need for Speed Underground 2\\speed2.exe"=
"c:\\Documents and Settings\\Uživatel\\Data aplikací\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis 2\\bin32\\Crysis2.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\MXGP - The Official Motocross Videogame Demo\\MXGP.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Batman Arkham City Demo\\Binaries\\Win32\\BatmanAC.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Java\\jre1.8.0_25\\bin\\javaw.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Spintires\\SpinTires.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Euro Truck Simulator 2\\bin\\win_x86\\eurotrucks2.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"443:TCP"= 443:TCP:War Thunder
"20010:UDP"= 20010:UDP:War Thunder
"3478:UDP"= 3478:UDP:War Thunder
"7850:TCP"= 7850:TCP:War Thunder
"7852:TCP"= 7852:TCP:War Thunder
"7853:TCP"= 7853:TCP:War Thunder
"27022:TCP"= 27022:TCP:War Thunder
"6881:TCP"= 6881:TCP:War Thunder
"33333:TCP"= 33333:TCP:War Thunder
"20443:TCP"= 20443:TCP:War Thunder
"8090:TCP"= 8090:TCP:War Thunder
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [21.1.2015 18:17 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [21.1.2015 18:17 206248]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [21.1.2015 18:09 787800]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [21.1.2015 18:09 423784]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [21.1.2015 18:19 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [21.1.2015 18:17 70384]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [13.12.2014 17:01 1895760]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn Hamachi\LMIGuardianSvc.exe [2.12.2014 20:12 411920]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [23.4.2013 8:17 1684736]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-16 21:06 1087816 ----a-w- c:\program files\Google\Chrome\Application\39.0.2171.99\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-01-22 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-21 17:18]
.
.
------- Doplňkový sken -------
.
uStart Page = https://www.seznam.cz/
IE: SmarThru4 Capture Selection - c:\program files\SmarThru 4\WebCapture.dll2.htm
IE: SmarThru4 Save as HTML - c:\program files\SmarThru 4\WebCapture.dll1.htm
IE: SmarThru4 Save Selected Text - c:\program files\SmarThru 4\WebCapture.dll.htm
IE: SmarThru4 Web Capture - c:\program files\SmarThru 4\WebCapture.dll
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
AddRemove-{9083C10B-C37C-4913-BD18-39ED8D04A8CB} - c:\docume~1\ALLUSE~1\DATAAP~1\TARMAI~1\{9083C~1\Setup.exe
AddRemove-UnityWebPlayer - c:\documents and settings\Uživatel\Local Settings\Data aplikací\Unity\WebPlayer\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2015-01-22 17:24
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1644491937-73586283-682003330-1003\Software\SecuROM\License information*]
"datasecu"=hex:b4,95,74,69,30,d6,76,49,46,1a,51,8d,a4,1a,f4,d2,1d,11,4b,bf,e8,
b8,f1,07,f6,93,d6,ec,f4,cf,4e,cf,21,d9,e3,f5,6b,e0,e4,5c,48,c7,a8,c2,f4,88,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_USERS\S-1-5-21-1644491937-73586283-682003330-1003_Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\InprocServer32]
@DACL=(02 0000)
@="c:\\Program Files\\Java\\jre1.8.0_25\\bin\\jp2iexp.dll"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_16_0_0_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_16_0_0_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1472)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\RunDLL32.exe
c:\windows\RTHDCPL.EXE
c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Weather\usbwr.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Celkový čas: 2015-01-22 17:27:34 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-01-22 16:27
.
Před spuštěním: Volných bajtů: 36 732 186 624
Po spuštění: Volných bajtů: 37 365 706 752
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer
.
- - End Of File - - 6DBCC5790B13F81974235DF617F1F74E
413FC2A0C716421B3158746D63736515

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: probably some virus??

#20 Post by Márty84 »

:!: Move ComboFix directly to drive C (so its path will be c:\ComboFix.exe )!
:arrow: Open Notepad and copy this script into it

Code:

KillAll::

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Zoner Photo Studio Autoupdate"=-

Regnull::
[HKEY_USERS\S-1-5-21-1644491937-73586283-682003330-1003\Software\SecuROM\License information*]

RegLock::
[HKEY_USERS\S-1-5-21-1644491937-73586283-682003330-1003_Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]

Reboot::

In the top left, click on File
Click on Save as...
Type the red name CFScript correctly and save it directly to C as well (so its path will be c:\CFScript.txt ).
Turn off the antivirus and any other security software.
Drag this newly created text document with the mouse over the ComboFix icon and drop it.
ComboFix should start and carry out the commands.
When it finishes (the PC may restart), a new log should appear; copy that here for me again.

:!: If Windows does not start after the restart, restart again, keep pressing the F8 key and choose Last Known Good Configuration
:!: If Windows starts but an error is reported when launching various programs, just restart the PC and it will be fine

dapemato
Visitor
Posts: 97
Joined: 26 Jul 2011 14:20

Re: probably some virus??

#21 Post by dapemato »

ComboFix 15-01-22.02 - Uživatel 22.01.2015 19:48:49.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3071.2372 [GMT 1:00]
Spuštěný z: C:\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-12-22 do 2015-01-22 )))))))))))))))))))))))))))))))
.
.
2015-01-21 17:21 . 2015-01-21 17:21 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\AVAST Software
2015-01-21 17:20 . 2015-01-21 17:20 -------- d-----w- c:\windows\jumpshot.com
2015-01-21 17:19 . 2015-01-21 17:18 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-01-21 17:18 . 2015-01-21 17:18 291352 ----a-w- c:\windows\system32\aswBoot.exe
2015-01-21 17:18 . 2015-01-21 17:18 43152 ----a-w- c:\windows\avastSS.scr
2015-01-21 17:17 . 2015-01-21 17:18 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-01-21 17:17 . 2015-01-21 17:18 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-01-21 17:17 . 2015-01-21 17:18 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-01-21 17:09 . 2015-01-21 17:25 423784 ----a-w- c:\windows\system32\drivers\aswsp.sys
2015-01-21 17:09 . 2015-01-21 17:18 57928 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2015-01-21 17:09 . 2015-01-21 17:18 55240 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2015-01-21 17:09 . 2015-01-21 17:25 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2015-01-18 13:25 . 2015-01-18 13:25 -------- d-----w- c:\documents and settings\U×ivatel
2015-01-17 12:48 . 2015-01-17 12:48 -------- d-----w- c:\windows\ERUNT
2015-01-15 14:28 . 2015-01-22 12:52 -------- d-----w- c:\documents and settings\All Users\Data aplikací\CenlEdosu
2015-01-03 11:06 . 2015-01-03 11:06 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\Mozilla
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-14 15:24 . 2013-04-27 10:15 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-01-14 15:24 . 2013-04-27 10:15 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-10-26 09:37 . 2014-05-10 15:42 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-10-26 09:37 . 2014-05-10 15:42 146432 ----a-w- c:\windows\system32\javacpl.cpl
2014-03-18 20:54 . 2014-03-18 20:54 33908960 ----a-w- c:\program files\AvatarGameCZ.exe
2013-10-04 14:33 . 2013-10-04 14:33 4241280 ----a-w- c:\program files\dffsetup-d3d11.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-01-21 17:18 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cfweatherStation"="c:\program files\Weather\Weather.exe" [2008-07-16 536064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2013-03-15 15668512]
"NvMediaCenter"="NvMCTray.dll" [2013-03-15 223008]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2013-03-15 1982312]
"RTHDCPL"="RTHDCPL.EXE" [2013-04-23 18702336]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-12-13 3838800]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-01-21 5227112]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /M:203cdca2 /dir:C:\Program
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\TopCD\\Traktor 3\\farm2012.dll"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Battle.net\\Agent\\Agent.2045\\Agent.exe"=
"c:\\Games\\World_of_Tanks\\WoTLauncher.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Mafia II\\pc\\mafia2.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\TopCD\\Traktor 2\\game.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"c:\\Games\\World_of_Tanks\\WorldOfTanks.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Electronic Arts\\Need For Speed World\\Data\\nfsw.exe"=
"c:\\Program Files\\Ubisoft\\James Cameron's AVATAR - THE GAME\\bin\\Avatar.exe"=
"c:\\Program Files\\Ubisoft\\James Cameron's AVATAR - THE GAME\\bin\\AvatarLauncher.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Battle.net\\Agent\\Agent.2880\\Agent.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\LEGO Marvel Super Heroes\\LEGOMARVEL.exe"=
"c:\\Program Files\\EA GAMES\\Need for Speed Underground 2\\speed2.exe"=
"c:\\Documents and Settings\\Uživatel\\Data aplikací\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis 2\\bin32\\Crysis2.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\MXGP - The Official Motocross Videogame Demo\\MXGP.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Batman Arkham City Demo\\Binaries\\Win32\\BatmanAC.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Java\\jre1.8.0_25\\bin\\javaw.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Spintires\\SpinTires.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Euro Truck Simulator 2\\bin\\win_x86\\eurotrucks2.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"443:TCP"= 443:TCP:War Thunder
"20010:UDP"= 20010:UDP:War Thunder
"3478:UDP"= 3478:UDP:War Thunder
"7850:TCP"= 7850:TCP:War Thunder
"7852:TCP"= 7852:TCP:War Thunder
"7853:TCP"= 7853:TCP:War Thunder
"27022:TCP"= 27022:TCP:War Thunder
"6881:TCP"= 6881:TCP:War Thunder
"33333:TCP"= 33333:TCP:War Thunder
"20443:TCP"= 20443:TCP:War Thunder
"8090:TCP"= 8090:TCP:War Thunder
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [21.1.2015 18:17 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [21.1.2015 18:17 206248]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [21.1.2015 18:09 787800]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [21.1.2015 18:09 423784]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [21.1.2015 18:19 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [21.1.2015 18:17 70384]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [13.12.2014 17:01 1895760]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn Hamachi\LMIGuardianSvc.exe [2.12.2014 20:12 411920]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [23.4.2013 8:17 1684736]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-16 21:06 1087816 ----a-w- c:\program files\Google\Chrome\Application\39.0.2171.99\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-01-22 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-21 17:18]
.
.
------- Doplňkový sken -------
.
uStart Page = https://www.seznam.cz/
IE: SmarThru4 Capture Selection - c:\program files\SmarThru 4\WebCapture.dll2.htm
IE: SmarThru4 Save as HTML - c:\program files\SmarThru 4\WebCapture.dll1.htm
IE: SmarThru4 Save Selected Text - c:\program files\SmarThru 4\WebCapture.dll.htm
IE: SmarThru4 Web Capture - c:\program files\SmarThru 4\WebCapture.dll
TCP: DhcpNameServer = 192.168.1.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2015-01-22 19:56
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(800)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\nvsvc32.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\RunDLL32.exe
c:\windows\RTHDCPL.EXE
c:\program files\Weather\usbwr.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Celkový čas: 2015-01-22 19:59:46 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-01-22 18:59
ComboFix2.txt 2015-01-22 16:27
.
Před spuštěním: Volných bajtů: 37 348 401 152
Po spuštění: Volných bajtů: 37 186 486 272
.
- - End Of File - - 214B295C58B2F60820451B5FFD465119
413FC2A0C716421B3158746D63736515

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: probably some virus??

#22 Post by Márty84 »

:arrow: Follow my colleague's instructions
vyosek wrote: :arrow: Download TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
  • Click the Change parameters option
  • In the Additional Option window, tick all the options
  • Click OK
  • Tell the utility to scan - click Start Scan
  • When the scan finishes a window will appear; check that the Skip option is selected everywhere
  • If Skip is not set by default, switch it to Skip
  • If you have Skip everywhere, click Continue
  • On the disk where Windows is installed (usually c:\) there will be a log named in the form TDSSKiller.some digits _log.txt - paste its contents here

:arrow: Follow my colleague's instructions
vyosek wrote: :arrow: Download Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/
  • Save it, ideally to the Desktop, and unpack it
  • Run it by clicking mbar
  • Now click Next and then Update in turn
  • After the database update finishes, click Next again
  • Leave all three options ticked and click Scan, which starts the search of the PC
  • After the scan finishes (about 5 minutes), check that every finding (if there are any, of course) has its checkbox ticked
  • Also check that Create Restore point is ticked
  • Now click CleanUp, which removes the infection that was found
  • The PC will be restarted
  • The mbar folder should contain a log (and it will probably open by itself) mbar-log-year-month-day (hour-minute-second).txt; post that here for me
If you have a question that is not meant for the public, you can e-mail me at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

dapemato
Visitor
Posts: 97
Joined: 26 Jul 2011 14:20

Re: probably some virus??

#23 Post by dapemato »

so, the first part of the task...

16:20:13.0699 0x0994 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
16:20:23.0793 0x0994 ============================================================
16:20:23.0793 0x0994 Current date / time: 2015/01/23 16:20:23.0793
16:20:23.0793 0x0994 SystemInfo:
16:20:23.0793 0x0994
16:20:23.0793 0x0994 OS Version: 5.1.2600 ServicePack: 3.0
16:20:23.0793 0x0994 Product type: Workstation
16:20:23.0793 0x0994 ComputerName: U-398F8DF968D14
16:20:23.0793 0x0994 UserName: Uživatel
16:20:23.0793 0x0994 Windows directory: C:\WINDOWS
16:20:23.0793 0x0994 System windows directory: C:\WINDOWS
16:20:23.0793 0x0994 Processor architecture: Intel x86
16:20:23.0793 0x0994 Number of processors: 2
16:20:23.0793 0x0994 Page size: 0x1000
16:20:23.0793 0x0994 Boot type: Normal boot
16:20:23.0793 0x0994 ============================================================
16:20:25.0887 0x0994 KLMD registered as C:\WINDOWS\system32\drivers\76194486.sys
16:20:25.0965 0x0994 System UUID: {991B6B09-7FE9-04B1-CEFA-21B91D7CEC67}
16:20:26.0324 0x0994 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:20:26.0340 0x0994 ============================================================
16:20:26.0340 0x0994 \Device\Harddisk0\DR0:
16:20:26.0340 0x0994 MBR partitions:
16:20:26.0340 0x0994 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1
16:20:26.0340 0x0994 ============================================================
16:20:26.0356 0x0994 C: <-> \Device\Harddisk0\DR0\Partition1
16:20:26.0356 0x0994 ============================================================
16:20:26.0356 0x0994 Initialize success
16:20:26.0356 0x0994 ============================================================
16:22:12.0590 0x091c ============================================================
16:22:12.0590 0x091c Scan started
16:22:12.0590 0x091c Mode: Manual; SigCheck; TDLFS;
16:22:12.0590 0x091c ============================================================
16:22:12.0590 0x091c KSN ping started
16:22:26.0981 0x091c KSN ping finished: true
16:22:27.0856 0x091c ================ Scan system memory ========================
16:22:28.0762 0x091c System memory - ok
16:22:28.0762 0x091c ================ Scan services =============================
16:22:28.0840 0x091c Abiosdsk - ok
16:22:28.0840 0x091c abp480n5 - ok
16:22:28.0887 0x091c [ 4FE34F1F3126B61FCC6B2043AA8112C9, DE370865E47A5D2A4B227EEFFB42384F67F08D622BF936A9C9CEF70CC47F324B ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:22:29.0137 0x091c ACPI - ok
16:22:29.0215 0x091c [ AFDFF022A01F0B11C776F0860C3B282F, 135E5257B62D921B76271014301E9EA1E2383D5DBB04E475DC3A7EFFD2561F56 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
16:22:29.0293 0x091c ACPIEC - ok
16:22:29.0293 0x091c adpu160m - ok
16:22:29.0324 0x091c [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
16:22:29.0403 0x091c aec - ok
16:22:29.0449 0x091c [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
16:22:29.0465 0x091c AFD - ok
16:22:29.0481 0x091c Aha154x - ok
16:22:29.0481 0x091c aic78u2 - ok
16:22:29.0481 0x091c aic78xx - ok
16:22:29.0512 0x091c [ E0A6FA244B8624D78FE5FF6F56A33BAE, 26B828FDB03AE4A4F1DC7A1792F9BAD69CF947897D47F5E567F24F4B6D5CB541 ] Alerter C:\WINDOWS\system32\alrsvc.dll
16:22:29.0590 0x091c Alerter - ok
16:22:29.0606 0x091c [ 88842DE939A827577BF24243699AC80A, A49C9A6A9941F3A2FBBCFE1F6DB48B632739D00670AC98ECCCBC7FD9E786B21A ] ALG C:\WINDOWS\System32\alg.exe
16:22:29.0637 0x091c ALG - ok
16:22:29.0653 0x091c AliIde - ok
16:22:29.0731 0x091c [ F6AF59D6EEE5E1C304F7F73706AD11D8, F5D39EF40CDB5102A84C8594CFC54DDBD5060E193E6D07421A9003D2ABC63E30 ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
16:22:29.0809 0x091c Ambfilt - ok
16:22:29.0856 0x091c [ AD8FA28D8ED0D0A689A0559085CE0F18, 75A35973D0CAED504147FC4A78F6EFA755E74EC4A169689F279150769196744A ] AmdLLD C:\WINDOWS\system32\DRIVERS\AmdLLD.sys
16:22:29.0871 0x091c AmdLLD - ok
16:22:29.0871 0x091c amsint - ok
16:22:29.0887 0x091c [ 6B8E7A90E576D4FE308F97C69060A171, 6CE49BC78715737D78E05DECAC23E26A5672ACD2CF3D10154FEA9D47B318D47C ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
16:22:29.0949 0x091c AppMgmt - ok
16:22:29.0949 0x091c asc - ok
16:22:29.0965 0x091c asc3350p - ok
16:22:29.0965 0x091c asc3550 - ok
16:22:30.0059 0x091c [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
16:22:30.0059 0x091c aspnet_state - ok
16:22:30.0106 0x091c [ 9D23DE88C3B18BA87CD4587177CA6CEA, 46DBB867FC73E30320852F744F38B66906DD5B96C4EBB03F504CF33E867A8470 ] aswHwid C:\WINDOWS\system32\drivers\aswHwid.sys
16:22:30.0153 0x091c aswHwid - ok
16:22:30.0168 0x091c [ 73A9014A9C4B19AA093DA05ED4246E27, F03C8433EB00229490BCD293CC97EF72452E156212D56C24BBA95C8E1B207D1A ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
16:22:30.0184 0x091c aswMonFlt - ok
16:22:30.0215 0x091c [ 0926775B8C3B32EE99921CCB0F85378E, 21A46B124B3E9F2569030E2DF591858B85AA640DDBB5C994B5C00A1E78C9EF67 ] aswRdr C:\WINDOWS\system32\drivers\aswRdr.sys
16:22:30.0231 0x091c aswRdr - ok
16:22:30.0246 0x091c [ 6544697080421E62E97AAFBD0A8AA391, BB3F492BF828A147B82FDD1FC9EB9867D96DE0481554A59745D41C6BAB551700 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
16:22:30.0246 0x091c aswRvrt - ok
16:22:30.0309 0x091c [ E73CBE3420ECFA8FF7D0467E170E335D, B994342C92AE9167908B8CA3D03DC278E919C7073512461AFFD4C25E8D2D8D66 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
16:22:30.0324 0x091c aswSnx - ok
16:22:30.0371 0x091c [ 1624D5AD126B8AFE2B2E85E5B8364EB6, AB97A74C1CA9921F7753D98516D7E11750D5D3ACD143C83273B0B295625440A0 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
16:22:30.0387 0x091c aswSP - ok
16:22:30.0418 0x091c [ 4C0ECF1AFA6992904814C74B99DD36F9, AA0D9BA7FE829888C636EC9D72E8E2D987A1C3FF092F95A38EC607CEE25A91F8 ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
16:22:30.0418 0x091c aswTdi - ok
16:22:30.0434 0x091c [ 0EFBC2962B156E8AC267F96D4D93EF06, 8A69672CE8B68A0A683D583287473BFAB7CF8B9771C22E398607CF2A151C7124 ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
16:22:30.0449 0x091c aswVmm - ok
16:22:30.0481 0x091c [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:22:30.0543 0x091c AsyncMac - ok
16:22:30.0559 0x091c [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
16:22:30.0621 0x091c atapi - ok
16:22:30.0637 0x091c Atdisk - ok
16:22:30.0668 0x091c [ 3C4B9850A2631C2263507400D029057B, A3DFF043B92C2F8C533BA609FB9FB20CF132E9D516449877CC2EDD75F1D6BC5C ] atksgt C:\WINDOWS\system32\DRIVERS\atksgt.sys
16:22:30.0684 0x091c atksgt - ok
16:22:30.0684 0x091c [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:22:30.0746 0x091c Atmarpc - ok
16:22:30.0793 0x091c [ DE31B88962A8645DBA5A37B993E7B0F1, CA93F25A3FD0CE68BB9B8E3AB6B813BF38DE3EDDFC990291B3957FAA59B2B274 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
16:22:30.0871 0x091c AudioSrv - ok
16:22:30.0903 0x091c [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
16:22:30.0981 0x091c audstub - ok
16:22:31.0043 0x091c [ E3F7EC811923F3F1A77B185F22638E5E, 324041256314C1471B5F123FA8DECC8F374A6B497A6419D4CAF61E68E1733265 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
16:22:31.0059 0x091c avast! Antivirus - ok
16:22:31.0074 0x091c [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
16:22:31.0168 0x091c Beep - ok
16:22:31.0246 0x091c [ 19395D092FD85DDC2D9C7729CF5A2AC8, 7640F36BA19698EE8A6257BF78A8C57DD9D734BED9CA6BB9B68603BAEA092412 ] BITS C:\WINDOWS\system32\qmgr.dll
16:22:31.0324 0x091c BITS - ok
16:22:31.0356 0x091c [ 89E739BBA5F636297EA5B5F811189E06, 151B32B12F5DD0D388134DA2471FE9741CF22B9C408DA58FEF8019D3C4EC836B ] Browser C:\WINDOWS\System32\browser.dll
16:22:31.0371 0x091c Browser - ok
16:22:31.0387 0x091c catchme - ok
16:22:31.0403 0x091c [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
16:22:31.0465 0x091c cbidf2k - ok
16:22:31.0512 0x091c [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
16:22:31.0574 0x091c CCDECODE - ok
16:22:31.0574 0x091c cd20xrnt - ok
16:22:31.0590 0x091c [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
16:22:31.0653 0x091c Cdaudio - ok
16:22:31.0653 0x091c [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
16:22:31.0715 0x091c Cdfs - ok
16:22:31.0746 0x091c [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:22:31.0809 0x091c Cdrom - ok
16:22:31.0809 0x091c Changer - ok
16:22:31.0824 0x091c [ E390DC1D7C461D7D56EC53402F329928, FB37F84E71353CD83FCDDD39C898C6D84C05130C5F1BEF022E3DFDE160398C0E ] CiSvc C:\WINDOWS\system32\cisvc.exe
16:22:31.0903 0x091c CiSvc - ok
16:22:31.0949 0x091c [ 064507A8DFA8C5C7E2FFDDD3E6F424FA, 1725067BC759484A7185A4F1A44ED3CBE481529D187FE98EF279425B79177EB1 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
16:22:32.0012 0x091c ClipSrv - ok
16:22:32.0043 0x091c [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:22:32.0074 0x091c clr_optimization_v2.0.50727_32 - ok
16:22:32.0074 0x091c CmdIde - ok
16:22:32.0074 0x091c COMSysApp - ok
16:22:32.0090 0x091c Cpqarray - ok
16:22:32.0106 0x091c [ F3AB0933CBD166D271992F411C27CCAF, 50E01F3B058F814BE914FA5050B2D972E8584A467719A5ABCF9D9EBD596A54A7 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
16:22:32.0168 0x091c CryptSvc - ok
16:22:32.0168 0x091c dac2w2k - ok
16:22:32.0184 0x091c dac960nt - ok
16:22:32.0215 0x091c [ BE27674D1CBC3214AEC84B4336A38BBF, 3DF5F9A9E97595A61314B2731DF4F3D3C19D1B9D2291624A63B8E1861FFC2D76 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
16:22:32.0246 0x091c DcomLaunch - ok
16:22:32.0278 0x091c [ 7F19DBA1A467B838CCB23124A2C55568, 9D7C81AD7C4AAC69E8B263029F292B46FD8BFF9721349C2AB8A111C8CB670BB2 ] DgiVecp C:\WINDOWS\system32\Drivers\DgiVecp.sys
16:22:32.0309 0x091c DgiVecp - detected UnsignedFile.Multi.Generic ( 1 )
16:22:34.0731 0x091c Detect skipped due to KSN trusted
16:22:34.0731 0x091c DgiVecp - ok
16:22:34.0746 0x091c [ 8C9A53E285AC5E6704844D0459EC85BE, 9E86AF4C06CEC007C9B1590B6E056319603E4D79BED0C2471C6F1BC251B380CF ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
16:22:34.0809 0x091c Dhcp - ok
16:22:34.0824 0x091c [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
16:22:34.0887 0x091c Disk - ok
16:22:34.0887 0x091c dmadmin - ok
16:22:34.0949 0x091c [ DB5FD2BF5B07DC54BFCB3664FF05BD7C, 46074FBBC5E4A40A7B3A45636089DEDD2A619778C7DCD797571C2BB64D775F7E ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
16:22:35.0043 0x091c dmboot - ok
16:22:35.0074 0x091c [ FFF1720AF51171F32F1EAD5CF71F2810, 2E40D63DC7670C1E88A532DB8923A98ABC8481C351C4D915C2753E10BA77F36D ] dmio C:\WINDOWS\system32\drivers\dmio.sys
16:22:35.0137 0x091c dmio - ok
16:22:35.0168 0x091c [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
16:22:35.0231 0x091c dmload - ok
16:22:35.0246 0x091c [ 2BFEFE9E865655A76982F050450B9591, 15C7D093D638770519AA43E7D8897310F32AB1F217027F5750D799494A985C35 ] dmserver C:\WINDOWS\System32\dmserver.dll
16:22:35.0309 0x091c dmserver - ok
16:22:35.0356 0x091c [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
16:22:35.0434 0x091c DMusic - ok
16:22:35.0449 0x091c [ DFAA406BF19F4EE806A6F8D4342137F7, EE2C11B3E37565FC009E323607B2F5F148F9219012EDF848CEFC1B273DAA98A9 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
16:22:35.0465 0x091c Dnscache - ok
16:22:35.0481 0x091c [ 4A3E2BD20157A0946751229E92EB8621, D8C00CC2C18C517F7262EBC3C511C062E5ABA797056AEB22AC5DEB306BA8C526 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
16:22:35.0559 0x091c Dot3svc - ok
16:22:35.0559 0x091c dpti2o - ok
16:22:35.0574 0x091c [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
16:22:35.0637 0x091c drmkaud - ok
16:22:35.0653 0x091c [ 0887D9C2BE8D940778CAD1E3B85F2A41, 2E30DC06D46A5E174B7CAA2D70BDB697015495942572E90425E2EE7AC541BCF4 ] EapHost C:\WINDOWS\System32\eapsvc.dll
16:22:35.0715 0x091c EapHost - ok
16:22:35.0731 0x091c [ A2A4912798F2BE706ABADD3D30800D16, CCCCA389D22525D984DE9B59E4CEBE0EEEF315F725176EB5C4DC1A5B6157234A ] ERSvc C:\WINDOWS\System32\ersvc.dll
16:22:35.0793 0x091c ERSvc - ok
16:22:35.0824 0x091c [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] Eventlog C:\WINDOWS\system32\services.exe
16:22:35.0840 0x091c Eventlog - ok
16:22:35.0887 0x091c [ A371F11EF07653591C8DE26AFB13CE7F, 1192EDC8B146F1C27E8CD7E126DDC044F8B368C2E891A90CD81620D48C9550B6 ] EventSystem C:\WINDOWS\system32\es.dll
16:22:35.0903 0x091c EventSystem - ok
16:22:35.0934 0x091c [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
16:22:36.0012 0x091c Fastfat - ok
16:22:36.0043 0x091c [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
16:22:36.0059 0x091c FastUserSwitchingCompatibility - ok
16:22:36.0074 0x091c [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
16:22:36.0137 0x091c Fdc - ok
16:22:36.0137 0x091c [ AC366695A0796560AA37215AD5762AAF, 6ADC7443EA42D77199D4879AF3C33A07914116C69A34B895D8CB8444EE50077F ] Fips C:\WINDOWS\system32\drivers\Fips.sys
16:22:36.0215 0x091c Fips - ok
16:22:36.0215 0x091c [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
16:22:36.0278 0x091c Flpydisk - ok
16:22:36.0309 0x091c [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
16:22:36.0387 0x091c FltMgr - ok
16:22:36.0449 0x091c [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
16:22:36.0465 0x091c FontCache3.0.0.0 - ok
16:22:36.0465 0x091c [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:22:36.0528 0x091c Fs_Rec - ok
16:22:36.0543 0x091c [ 4E664D8541DB4A66B73A24257E322E1F, 17A2140AFE2B41E579FCCAFB82532853AD90A6EDBCB13DE80741DAE0AD5B4CC9 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:22:36.0606 0x091c Ftdisk - ok
16:22:36.0606 0x091c [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:22:36.0684 0x091c Gpc - ok
16:22:36.0746 0x091c [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
16:22:36.0762 0x091c gusvc - ok
16:22:36.0793 0x091c [ 833051C6C6C42117191935F734CFBD97, 5EB5672ABC7994A4AFF855A572158B8BE4FC6E541CFD4B9BE4FF2739A9A6AFB8 ] hamachi C:\WINDOWS\system32\DRIVERS\hamachi.sys
16:22:36.0793 0x091c hamachi - ok
16:22:36.0903 0x091c [ FF3A98BBD9E5BC7F54C1E44B2CE2C0EA, 70FE64535E254AE22A9E0BFC7D0817FBD8161FB8CD7E15C6E54B3093A6BB0FB8 ] Hamachi2Svc C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
16:22:36.0981 0x091c Hamachi2Svc - ok
16:22:36.0996 0x091c [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
16:22:37.0121 0x091c HDAudBus - ok
16:22:37.0199 0x091c [ FCFE31FB75F8A6295B6B0AF87A626282, 6BA385797DBC73EB29EFE3293B80C21B1B8A1E9B87A462476E73C526C9565E5F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
16:22:37.0262 0x091c helpsvc - ok
16:22:37.0293 0x091c [ 00E25EE90166B3E1BE6E74AEBF858306, 92C2F020EF14DE3B4F09E2C5DFF3D2F35D8C50F6D0188F9CEEFE3B6075602EFE ] HidServ C:\WINDOWS\System32\hidserv.dll
16:22:37.0371 0x091c HidServ - ok
16:22:37.0403 0x091c [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:22:37.0465 0x091c hidusb - ok
16:22:37.0496 0x091c [ 7A6B320928F86BC851530D63C82965D9, 1F628759D31098DFBC05244735B5A62ACD8E45DBC5C9D236260D68EB8F1E28F5 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
16:22:37.0559 0x091c hkmsvc - ok
16:22:37.0559 0x091c hpn - ok
16:22:37.0590 0x091c [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
16:22:37.0621 0x091c HTTP - ok
16:22:37.0653 0x091c [ 58FE2F2DA3BC5573F4A35B3760D3125F, B241ACCE426402EC64DC34C49CECB8CDC0851986D54BFCCED7040D6C43F5787A ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
16:22:37.0715 0x091c HTTPFilter - ok
16:22:37.0731 0x091c i2omgmt - ok
16:22:37.0731 0x091c i2omp - ok
16:22:37.0746 0x091c [ C528E27945367191E7BAE364930B6932, 1B95C7B49B4CAE734DC6C9EC22555C5356EEC856B8491C761C777479264CF854 ] i8042prt C:\WINDOWS\system32\drivers\i8042prt.sys
16:22:37.0809 0x091c i8042prt - ok
16:22:37.0918 0x091c [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:22:37.0918 0x091c IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
16:22:40.0246 0x091c Detect skipped due to KSN trusted
16:22:40.0246 0x091c IDriverT - ok
16:22:40.0309 0x091c [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:22:40.0356 0x091c idsvc - ok
16:22:40.0356 0x091c [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
16:22:40.0434 0x091c Imapi - ok
16:22:40.0481 0x091c [ F7B93AAFAD33B2320954C17E26C8D361, 8CFDB11A68B59E195F280BE08B25FA59F1F70833832919B8BECCE17616999934 ] ImapiService C:\WINDOWS\system32\imapi.exe
16:22:40.0559 0x091c ImapiService - ok
16:22:40.0559 0x091c ini910u - ok
16:22:40.0762 0x091c [ E8656858D8B2DA7C9CF59FB4E5CE32ED, B84D5ED721E904E1C282D6730275A324024663A61D47282930D4F23EA7E0BA68 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
16:22:40.0949 0x091c IntcAzAudAddService - ok
16:22:40.0965 0x091c IntelIde - ok
16:22:40.0996 0x091c [ 27B290D632AF2CF3CF40BFDDB7370985, 2C266777B4A96706658B8C9A7B30D15D6E495C815FAE23A0A1FC747E9B5AE363 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
16:22:41.0059 0x091c intelppm - ok
16:22:41.0074 0x091c [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
16:22:41.0153 0x091c Ip6Fw - ok
16:22:41.0184 0x091c [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:22:41.0246 0x091c IpFilterDriver - ok
16:22:41.0262 0x091c [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:22:41.0324 0x091c IpInIp - ok
16:22:41.0340 0x091c [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:22:41.0418 0x091c IpNat - ok
16:22:41.0449 0x091c [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:22:41.0528 0x091c IPSec - ok
16:22:41.0574 0x091c [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
16:22:41.0606 0x091c IRENUM - ok
16:22:41.0637 0x091c [ CC9F8A2D60AED1A51A3AC34C59B987AE, CBF69817BE3D9A4617390B1A3306074CB8581F21562CD1357D32BC3E542F3CEE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:22:41.0699 0x091c isapnp - ok
16:22:41.0746 0x091c [ 1B6162FE7F66B1A71A4B70F941C4AA9B, C2EA494BAB0513A6027414FB1E75834F980A77852D0DC8559E8942FC222A075A ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:22:41.0809 0x091c Kbdclass - ok
16:22:41.0809 0x091c [ 86C8F23616C6C6E5B2776901C17B945B, 211B63FC405A2DDB126D204D61E779D66C7211882CC0374521926C633E180B91 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
16:22:41.0871 0x091c kbdhid - ok
16:22:41.0887 0x091c [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
16:22:41.0949 0x091c kmixer - ok
16:22:41.0996 0x091c [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
16:22:42.0012 0x091c KSecDD - ok
16:22:42.0043 0x091c [ 3428E8F86F8ADD36B42FB23542C7B3E4, 9CF643D1A70AF08407ACD5FD6FE4B8777521DDF41B5E63C2E6E1E4CAAC69A403 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
16:22:42.0059 0x091c LanmanServer - ok
16:22:42.0074 0x091c [ 936C1D110232D23B621CB0196E4F80F0, 2DE3AF93E20F1DC7A6FF31B18054EA4D2350387E4DA91C4B16D451384F0C57E2 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
16:22:42.0090 0x091c lanmanworkstation - ok
16:22:42.0090 0x091c lbrtfdc - ok
16:22:42.0137 0x091c [ 4127E8B6DDB4090E815C1F8852C277D3, A5BC1F65FA6D8952CDDA08320ADDF0E4394E10AE4780017C8C86AC5E68DF83F8 ] lirsgt C:\WINDOWS\system32\DRIVERS\lirsgt.sys
16:22:42.0153 0x091c lirsgt - ok
16:22:42.0168 0x091c [ 0AB159F536E3E8F7F07113702A07CCA5, 3218C553183E6697C663B6D12790E09756B50505590858DD5AC62411D37CDD7C ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
16:22:42.0231 0x091c LmHosts - ok
16:22:42.0262 0x091c [ 95D5EDEEB8E98D2996C9ADBFB4EA1ABC, A6EE56B600C6E796390402C80F335475E9F2A36541BA4C1C33D00023DCEE9B3D ] LMIGuardianSvc C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
16:22:42.0293 0x091c LMIGuardianSvc - ok
16:22:42.0293 0x091c lmimirr - ok
16:22:42.0324 0x091c [ 221CD1C815B8A6B79389C3F5D1018DE8, 6D0D25D6669C4F9452F74EC72C6138A41D9408E01AF5FD01C08F27BE7BC9C905 ] Messenger C:\WINDOWS\System32\msgsvc.dll
16:22:42.0387 0x091c Messenger - ok
16:22:42.0418 0x091c [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
16:22:42.0481 0x091c mnmdd - ok
16:22:42.0512 0x091c [ 9A57D046F88F4B69751B11FD40088A61, 62F65433024CE411F111A88723747B8A83B31076FBAF4CFF40FD02A53D7FF7DF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
16:22:42.0590 0x091c mnmsrvc - ok
16:22:42.0637 0x091c [ 44032B0C6D9954D3FD26438330B99EE7, A49749A4C00D50F57170AA5DA9E2DEECC8C524A48B144C8B784894F2C202FBEE ] Modem C:\WINDOWS\system32\drivers\Modem.sys
16:22:42.0684 0x091c Modem - ok
16:22:42.0731 0x091c [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5, 2AC3875B2E7D9B0692253A9867B940CF214DE03574808B42C3702843BC1D5696 ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
16:22:42.0824 0x091c Monfilt - ok
16:22:42.0840 0x091c [ 4CB582831DBDE63CE43B45D771218374, 6D470B26197C5B388983D9213D48D2CDE934C9591572876DC7790FE4B59E0845 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:22:42.0903 0x091c Mouclass - ok
16:22:42.0934 0x091c [ BB269EBA740737AB749B214D568B6812, ABF41D9B521EBBE674E76981CAD31F8FD05976DE7070266C3956FDB67C83C4C2 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
16:22:42.0996 0x091c mouhid - ok
16:22:43.0012 0x091c [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
16:22:43.0090 0x091c MountMgr - ok
16:22:43.0090 0x091c mraid35x - ok
16:22:43.0106 0x091c [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:22:43.0199 0x091c MRxDAV - ok
16:22:43.0231 0x091c [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:22:43.0262 0x091c MRxSmb - ok
16:22:43.0293 0x091c [ 6DB4D1521CABA9A5FFAB54ADE0AE867D, 78D63EE2C0B0852F0771071C099643242EBC9F4DA28847B93BCE9C3CC1091938 ] MSDTC C:\WINDOWS\system32\msdtc.exe
16:22:43.0356 0x091c MSDTC - ok
16:22:43.0371 0x091c [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
16:22:43.0434 0x091c Msfs - ok
16:22:43.0434 0x091c MSIServer - ok
16:22:43.0465 0x091c [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:22:43.0528 0x091c MSKSSRV - ok
16:22:43.0543 0x091c [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:22:43.0606 0x091c MSPCLOCK - ok
16:22:43.0621 0x091c [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
16:22:43.0699 0x091c MSPQM - ok
16:22:43.0731 0x091c [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:22:43.0793 0x091c mssmbios - ok
16:22:43.0840 0x091c [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
16:22:43.0903 0x091c MSTEE - ok
16:22:43.0949 0x091c [ D48659BB24C48345D926ECB45C1EBDF5, EDEDE58316827530C25F8085F62AD48EA6D44B0F8AC1917B940F53B02CF72EA6 ] MTsensor C:\WINDOWS\system32\DRIVERS\ASACPI.sys
16:22:43.0949 0x091c MTsensor - ok
16:22:43.0965 0x091c [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
16:22:43.0965 0x091c Mup - ok
16:22:43.0981 0x091c [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
16:22:44.0074 0x091c NABTSFEC - ok
16:22:44.0106 0x091c [ 6EA362E9DB03D44F6B996F4D8BE237E9, FE6B4C546D26C4A2832CF4CB280B86B1723E10E46A3C24AF6C9856FCCAE9D1FC ] napagent C:\WINDOWS\System32\qagentrt.dll
16:22:44.0168 0x091c napagent - ok
16:22:44.0184 0x091c [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
16:22:44.0262 0x091c NDIS - ok
16:22:44.0262 0x091c [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
16:22:44.0324 0x091c NdisIP - ok
16:22:44.0324 0x091c [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:22:44.0340 0x091c NdisTapi - ok
16:22:44.0356 0x091c [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:22:44.0418 0x091c Ndisuio - ok
16:22:44.0449 0x091c [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:22:44.0496 0x091c NdisWan - ok
16:22:44.0543 0x091c [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
16:22:44.0559 0x091c NDProxy - ok
16:22:44.0590 0x091c [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
16:22:44.0653 0x091c NetBIOS - ok
16:23:12.0293 0x091c AV detected via SS1: avast! Antivirus, 5.0.167774368, disabled, updated
16:23:12.0309 0x091c Win FW state via NFM: enabled
16:23:14.0653 0x091c ============================================================
16:23:14.0653 0x091c Scan finished
16:23:14.0653 0x091c ============================================================
16:23:14.0653 0x0838 Detected object count: 1
16:23:14.0653 0x0838 Actual detected object count: 1
16:23:48.0621 0x0838 cfweatherStation ( UnsignedFile.Multi.Generic ) - skipped by user
16:23:48.0621 0x0838 cfweatherStation ( UnsignedFile.Multi.Generic ) - User select action: Skip


mbar found nothing, no restart took place... I am attaching the log.

Malwarebytes Anti-Rootkit BETA 1.08.3.1004
www.malwarebytes.org

Database version:
main: v2015.01.23.04
rootkit: v2015.01.14.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Uživatel :: U-398F8DF968D14 [administrator]

23.1.2015 16:30:19
mbar-log-2015-01-23 (16-30-19).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 438241
Time elapsed: 8 minute(s), 28 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: probably some virus??

#24 Post by Márty84 »

:arrow:
vyosek wrote: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download it and run it
  • Leave the checkbox ticked only for the option Remote disinfection tools
  • Click Run

:???: How is the PC, has anything changed?
If you have a question that is not meant for the public, you can write to me by e-mail at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait a long time for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

dapemato
Visitor
Posts: 97
Registered: 26 Jul 2011 14:20

Re: probably some virus??

#25 Post by dapemato »

# DelFix v10.8 - Logfile created 23/01/2015 at 18:20:51
# Updated 29/07/2014 by Xplode
# Username : Uživatel - U-398F8DF968D14
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\Qoobox
Deleted : C:\Documents and Settings\Uživatel\Plocha\mbar
Deleted : C:\ComboFix.exe
Deleted : C:\ComboFix.txt
Deleted : C:\TDSSKiller.3.0.0.44_23.01.2015_16.20.13_log.txt
Deleted : C:\WINDOWS\grep.exe
Deleted : C:\WINDOWS\PEV.exe
Deleted : C:\WINDOWS\NIRCMD.exe
Deleted : C:\WINDOWS\MBR.exe
Deleted : C:\WINDOWS\SED.exe
Deleted : C:\WINDOWS\SWREG.exe
Deleted : C:\WINDOWS\SWSC.exe
Deleted : C:\WINDOWS\SWXCACLS.exe
Deleted : C:\WINDOWS\Zip.exe
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe

########## - EOF - ##########


and I still cannot connect through Internet Explorer to e-mail or Facebook, and I still cannot get Skype working... :( :( :(

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: probably some virus??

#26 Post by Márty84 »

Post new logs from FRST http://forum.viry.cz/viewtopic.php?f=30&t=133101 There is a catch somewhere :twisted:

dapemato
Visitor
Posts: 97
Registered: 26 Jul 2011 14:20

Re: probably some virus??

#27 Post by dapemato »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-01-2015 01
Ran by Uživatel (administrator) on U-398F8DF968D14 on 24-01-2015 21:40:19
Running from C:\Documents and Settings\Uživatel\Plocha
Loaded Profiles: Uživatel & UpdatusUser (Available profiles: Uživatel & UpdatusUser)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(weather-life.com) C:\Program Files\Weather\weather.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
() C:\Program Files\Weather\usbwr.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
() C:\WINDOWS\system32\PnkBstrA.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(forum.viry.cz) C:\Documents and Settings\Uživatel\Plocha\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1982312 2013-03-15] ()
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [18702336 2013-04-23] (Realtek Semiconductor Corp.)
HKLM\...\Run: [amd_dc_opt] => C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-21] (AVAST Software)
HKU\S-1-5-21-1644491937-73586283-682003330-1003\...\Run: [cfweatherStation] => C:\Program Files\Weather\Weather.exe [536064 2008-07-16] (weather-life.com)
HKU\S-1-5-21-1644491937-73586283-682003330-1003\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [773728 2012-12-04] (ZONER software)
HKU\S-1-5-21-1644491937-73586283-682003330-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30879328 2014-12-11] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
BootExecute: autocheck autochk * aswBoot.exe /M:203cdca2 /dir:C:\Program

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1644491937-73586283-682003330-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1644491937-73586283-682003330-1003\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
HKU\S-1-5-21-1644491937-73586283-682003330-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
URLSearchHook: [S-1-5-21-1644491937-73586283-682003330-1004] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1644491937-73586283-682003330-1003 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1644491937-73586283-682003330-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1644491937-73586283-682003330-1003 -> {2910A40F-3882-452F-A83F-6892F0A50582} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
SearchScopes: HKU\S-1-5-21-1644491937-73586283-682003330-1003 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-1644491937-73586283-682003330-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\n3t41v53.default
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1644491937-73586283-682003330-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1644491937-73586283-682003330-1003: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-10-17]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-21]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-26]
CHR Extension: (Google Drive) - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-26]
CHR Extension: (Seznam Lištička - Email) - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2013-04-29]
CHR Extension: (Seznam Lištička - Slovník) - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2013-04-29]
CHR Extension: (YouTube) - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-26]
CHR Extension: (Google Search) - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-26]
CHR Extension: (Skype Click to Call) - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-06-16]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2013-04-29]
CHR Extension: (Gmail) - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-26]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-21]
CHR HKU\S-1-5-21-1644491937-73586283-682003330-1003\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - No Path

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-21] (AVAST Software)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1895760 2014-12-13] (LogMeIn Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2014-12-02] (LogMeIn, Inc.)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [75136 2013-10-04] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736 2013-04-23] (Creative)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2015-01-21] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2015-01-21] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2015-01-21] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2015-01-21] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2015-01-21] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2015-01-21] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2015-01-21] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2015-01-21] ()
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [278984 2013-05-22] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S2 DgiVecp; C:\WINDOWS\system32\Drivers\DgiVecp.sys [38400 2009-02-04] (Samsung Electronics Co., Ltd.) [File not signed]
R3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [25416 2013-05-22] ()
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1389056 2013-04-23] (Creative Technology Ltd.)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2013-04-23] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [128440 2012-12-19] (NVIDIA Corporation)
R0 sfdrv01; C:\WINDOWS\System32\drivers\sfdrv01.sys [50688 2005-08-10] (Protection Technology) [File not signed]
R0 sfhlp02; C:\WINDOWS\System32\drivers\sfhlp02.sys [6656 2005-05-16] (Protection Technology) [File not signed]
R0 sfvfs02; C:\WINDOWS\System32\drivers\sfvfs02.sys [66048 2005-09-29] (Protection Technology) [File not signed]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 IntelIde; No ImagePath
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S2 SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-24 21:40 - 2015-01-24 21:40 - 00014766 _____ () C:\Documents and Settings\Uživatel\Plocha\FRST.txt
2015-01-24 21:39 - 2015-01-24 21:40 - 00000000 ____D () C:\FRST
2015-01-24 21:38 - 2015-01-24 21:38 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Uživatel\Plocha\FRSTLauncher.exe
2015-01-24 21:37 - 2015-01-24 21:37 - 01120768 _____ (Farbar) C:\Documents and Settings\Uživatel\Plocha\FRST.exe
2015-01-23 16:29 - 2015-01-23 16:39 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Malwarebytes' Anti-Malware (portable)
2015-01-23 16:29 - 2015-01-23 16:29 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-23 16:27 - 2015-01-23 16:27 - 16466552 _____ (Malwarebytes Corp.) C:\Documents and Settings\Uživatel\Plocha\mbar-1.08.3.1004.exe
2015-01-23 16:27 - 2015-01-23 16:27 - 00108632 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-22 19:59 - 2015-01-24 21:40 - 00000000 ____D () C:\Documents and Settings\Uživatel\Local Settings\temp
2015-01-22 19:59 - 2015-01-24 17:43 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
2015-01-22 19:59 - 2015-01-22 19:59 - 00000000 ____D () C:\Documents and Settings\UpdatusUser\Local Settings\temp
2015-01-22 19:59 - 2015-01-22 19:59 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2015-01-22 19:59 - 2015-01-22 19:59 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\temp
2015-01-22 17:12 - 2015-01-22 17:12 - 00000000 _RSHD () C:\cmdcons
2015-01-22 17:12 - 2004-08-03 23:00 - 00261312 __RSH () C:\cmldr
2015-01-22 17:09 - 2015-01-22 17:26 - 00000000 ____D () C:\WINDOWS\erdnt
2015-01-22 17:09 - 2015-01-22 17:09 - 00000000 ___RD () C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Nástroje pro správu
2015-01-21 18:21 - 2015-01-21 18:21 - 00000000 ____D () C:\Documents and Settings\Uživatel\Data aplikací\AVAST Software
2015-01-21 18:20 - 2015-01-21 18:20 - 00000000 ____D () C:\WINDOWS\jumpshot.com
2015-01-21 18:19 - 2015-01-21 18:19 - 00001731 _____ () C:\Documents and Settings\All Users\Plocha\Avast Free Antivirus.lnk
2015-01-21 18:19 - 2015-01-21 18:18 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-01-21 18:18 - 2015-01-21 18:18 - 00291352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-01-21 18:18 - 2015-01-21 18:18 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-01-21 18:17 - 2015-01-21 18:18 - 00206248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-01-21 18:17 - 2015-01-21 18:18 - 00070384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-01-21 18:17 - 2015-01-21 18:18 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-01-21 18:12 - 2015-01-21 18:12 - 00065536 _____ () C:\WINDOWS\Minidump\Mini012115-01.dmp
2015-01-21 18:09 - 2015-01-24 18:19 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-01-21 18:09 - 2015-01-21 18:25 - 00787800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-01-21 18:09 - 2015-01-21 18:25 - 00423784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-01-21 18:09 - 2015-01-21 18:18 - 00057928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2015-01-21 18:09 - 2015-01-21 18:18 - 00055240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2015-01-20 20:38 - 2015-01-20 20:39 - 00712920 _____ () C:\Documents and Settings\Uživatel\Plocha\2015_01_20_zaloha.reg
2015-01-20 20:31 - 2015-01-23 18:20 - 00000863 _____ () C:\DelFix.txt
2015-01-18 14:25 - 2015-01-18 14:25 - 00000000 ____D () C:\Documents and Settings\U×ivatel\Local Settings\Temp
2015-01-18 14:25 - 2015-01-18 14:25 - 00000000 ____D () C:\Documents and Settings\U×ivatel
2015-01-17 13:48 - 2015-01-17 13:48 - 00000000 ____D () C:\WINDOWS\ERUNT
2015-01-17 12:18 - 2015-01-17 12:18 - 00460734 _____ () C:\Documents and Settings\Uživatel\Plocha\avast hláška.bmp
2015-01-15 15:28 - 2015-01-22 13:52 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\CenlEdosu
2015-01-03 12:08 - 2015-01-03 12:09 - 00000000 ____D () C:\Documents and Settings\Uživatel\Dokumenty\Stažené soubory
2015-01-03 12:06 - 2015-01-03 12:06 - 00000000 ____D () C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Mozilla
2015-01-03 12:06 - 2015-01-03 12:06 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Mozilla

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-24 21:40 - 2013-04-23 11:47 - 00000000 ____D () C:\Program Files\Weather
2015-01-24 21:40 - 2013-04-22 14:34 - 00000000 ____D () C:\Documents and Settings\Uživatel\Plocha
2015-01-24 21:39 - 2013-04-22 14:34 - 00000000 ___HD () C:\Documents and Settings\Uživatel\Local Settings\Data aplikací
2015-01-24 21:37 - 2013-04-23 08:00 - 00027162 _____ () C:\WINDOWS\system32\nvAppTimestamps
2015-01-24 21:22 - 2013-04-29 16:02 - 00000000 ____D () C:\Documents and Settings\Uživatel\Data aplikací\Skype
2015-01-24 21:18 - 2013-04-22 14:30 - 01995580 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-24 19:53 - 2013-04-23 11:38 - 00000000 ____D () C:\Program Files\Steam
2015-01-24 14:56 - 2013-09-19 19:08 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\World of Tanks
2015-01-24 14:56 - 2013-04-23 10:12 - 00000000 ___RD () C:\Documents and Settings\Uživatel\Plocha\MATY
2015-01-24 14:56 - 2013-04-22 16:24 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2015-01-24 14:41 - 2014-03-01 08:44 - 00002283 _____ () C:\Documents and Settings\All Users\Plocha\Skype.lnk
2015-01-24 11:22 - 2013-04-29 16:01 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Skype
2015-01-24 11:16 - 2014-02-07 20:45 - 00000000 ____D () C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\LogMeIn Hamachi
2015-01-24 11:16 - 2014-02-07 20:45 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\LogMeIn Hamachi
2015-01-24 11:16 - 2013-04-22 16:26 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-01-24 11:16 - 2013-04-22 16:26 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-01-24 11:16 - 2013-04-22 14:33 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-23 23:16 - 2013-04-22 14:34 - 00000178 ___SH () C:\Documents and Settings\Uživatel\ntuser.ini
2015-01-23 23:16 - 2013-04-22 14:33 - 00032554 _____ () C:\WINDOWS\SchedLgU.Txt
2015-01-23 16:29 - 2013-04-22 16:24 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-01-22 19:56 - 2008-04-14 13:00 - 00000227 _____ () C:\WINDOWS\system.ini
2015-01-22 19:48 - 2013-04-23 07:56 - 00000178 ___SH () C:\Documents and Settings\UpdatusUser\ntuser.ini
2015-01-22 19:48 - 2013-04-22 14:34 - 00000000 __RHD () C:\Documents and Settings\Uživatel\Data aplikací
2015-01-22 18:55 - 2013-04-23 11:31 - 00000000 ____D () C:\Program Files\Richard Burns Rally
2015-01-22 17:55 - 2013-04-29 18:14 - 00000000 ____D () C:\Documents and Settings\Uživatel\Dokumenty\Euro Truck Simulator 2
2015-01-22 17:52 - 2013-04-23 10:12 - 00000000 ___RD () C:\Documents and Settings\Uživatel\Plocha\tomik zákaz klikání
2015-01-22 17:12 - 2013-04-22 16:23 - 00000339 __RSH () C:\boot.ini
2015-01-22 17:09 - 2013-04-22 14:34 - 00000000 ___RD () C:\Documents and Settings\Uživatel\Nabídka Start\Programy
2015-01-22 06:56 - 2013-04-22 14:34 - 00000000 ___RD () C:\Documents and Settings\Uživatel\Dokumenty
2015-01-21 18:19 - 2013-04-22 16:24 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-01-21 18:17 - 2013-04-22 14:31 - 00002504 _____ () C:\WINDOWS\system32\CONFIG.NT
2015-01-21 18:14 - 2013-04-26 16:41 - 00000000 ____D () C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google
2015-01-21 18:12 - 2013-05-09 10:53 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-21 18:12 - 2013-04-22 16:19 - 211369984 _____ () C:\WINDOWS\MEMORY.DMP
2015-01-21 18:08 - 2014-06-14 09:27 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2015-01-21 18:08 - 2013-04-23 10:56 - 00000000 ____D () C:\Program Files\AVAST Software
2015-01-20 20:43 - 2014-11-17 19:59 - 00000000 ____D () C:\Program Files\Defraggler
2015-01-20 20:42 - 2014-11-17 19:59 - 00001580 _____ () C:\Documents and Settings\All Users\Plocha\Defraggler.lnk
2015-01-20 20:37 - 2014-07-31 09:36 - 00000000 ____D () C:\Documents and Settings\Uživatel\Data aplikací\uTorrent
2015-01-20 20:37 - 2013-09-09 18:18 - 00000000 ____D () C:\Documents and Settings\Uživatel\Data aplikací\Media Player Classic
2015-01-20 20:37 - 2013-04-22 14:34 - 00000000 ____D () C:\Documents and Settings\Uživatel
2015-01-19 21:02 - 2014-09-19 22:00 - 00257016 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
2015-01-19 21:02 - 2013-04-22 14:33 - 00000000 ___HD () C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2015-01-18 20:51 - 2013-04-23 10:11 - 00000000 ____D () C:\Documents and Settings\Uživatel\Plocha\david
2015-01-16 22:40 - 2013-04-23 11:44 - 00000000 ____D () C:\Program Files\trend micro
2015-01-16 22:23 - 2008-04-14 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2015-01-16 22:07 - 2014-11-17 19:59 - 00001813 _____ () C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2015-01-16 16:33 - 2014-05-14 15:56 - 00000000 ____D () C:\Program Files\WarThunder
2015-01-16 13:20 - 2013-04-23 11:44 - 00000000 ____D () C:\Program Files\Turtix
2015-01-16 12:21 - 2013-04-22 14:30 - 00000000 ____D () C:\WINDOWS\system32\DirectX
2015-01-14 20:56 - 2013-08-14 20:23 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-14 20:52 - 2013-04-23 08:39 - 110348472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-14 16:24 - 2013-04-27 11:15 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-01-14 16:24 - 2013-04-27 11:15 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-01-12 17:59 - 2013-04-26 18:02 - 00000000 ____D () C:\Documents and Settings\Uživatel\Dokumenty\My Games
2015-01-05 22:01 - 2013-04-22 14:34 - 00000000 ___RD () C:\Documents and Settings\Uživatel\Oblíbené položky
2015-01-05 15:07 - 2013-04-23 11:36 - 00000000 ___RD () C:\Program Files\Skype
2015-01-03 12:12 - 2013-04-26 16:50 - 00054272 _____ () C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-03 12:06 - 2013-06-01 11:11 - 00000000 ____D () C:\Documents and Settings\Uživatel\Data aplikací\Mozilla
2014-12-30 22:11 - 2014-03-24 21:21 - 00000000 ____D () C:\Documents and Settings\Uživatel\Plocha\Nehrane hry

==================== Files in the root of some directories =======

2014-03-18 21:54 - 2014-03-18 21:54 - 33908960 _____ () C:\Program Files\AvatarGameCZ.exe
2013-10-04 15:33 - 2013-10-04 15:33 - 4241280 _____ (Dll-Files.com ) C:\Program Files\dffsetup-d3d11.exe
2013-06-10 18:44 - 2013-06-10 18:44 - 0011291 _____ () C:\Documents and Settings\Uživatel\Data aplikací\SmarThruOptions.xml
2013-04-26 16:50 - 2015-01-03 12:12 - 0054272 _____ () C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:298.08 GB) (Free:32.85 GB) NTFS ==>[Drive with boot components (Windows XP)]

Available physical RAM: 2182.55 MB
Total physical RAM: 3071.11 MB
Percentage of memory in use: 28%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 298.1 GB) (Disk ID: C0F2C0F2)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\Uivatel\Plocha" je 5003 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"="C:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\\TopCD\\Traktor 3\\farm2012.dll"="C:\\TopCD\\Traktor 3\\farm2012.dll:*:Disabled:Agrar Simulator 2011"
"C:\\Documents and Settings\\All Users\\Data aplikac\\Battle.net\\Agent\\Agent.2045\\Agent.exe"="C:\\Documents and Settings\\All Users\\Data aplikac\\Battle.net\\Agent\\Agent.2045\\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\\Games\\World_of_Tanks\\WoTLauncher.exe"="C:\\Games\\World_of_Tanks\\WoTLauncher.exe:*:Enabled:World of Tanks Launcher"
"C:\\Program Files\\Steam\\SteamApps\\common\\Mafia II\\pc\\mafia2.exe"="C:\\Program Files\\Steam\\SteamApps\\common\\Mafia II\\pc\\mafia2.exe:*:Enabled:Mafia II"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\\TopCD\\Traktor 2\\game.exe"="C:\\TopCD\\Traktor 2\\game.exe:*:Enabled:GIANTS Game Engine"
"C:\\Program Files\\Steam\\Steam.exe"="C:\\Program Files\\Steam\\Steam.exe:*:Enabled:Steam"
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"="C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"="C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"="C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"C:\\Games\\World_of_Tanks\\WorldOfTanks.exe"="C:\\Games\\World_of_Tanks\\WorldOfTanks.exe:*:Enabled:World of Tanks"
"C:\\Documents and Settings\\All Users\\Data aplikac\\Electronic Arts\\Need For Speed World\\Data\\nfsw.exe"="C:\\Documents and Settings\\All Users\\Data aplikac\\Electronic Arts\\Need For Speed World\\Data\\nfsw.exe:*:Enabled:Need for Speed World"
"C:\\Program Files\\Ubisoft\\James Cameron's AVATAR - THE GAME\\bin\\Avatar.exe"="C:\\Program Files\\Ubisoft\\James Cameron's AVATAR - THE GAME\\bin\\Avatar.exe:*:Enabled:James Cameron's AVATAR(tm): THE GAME"
"C:\\Program Files\\Ubisoft\\James Cameron's AVATAR - THE GAME\\bin\\AvatarLauncher.exe"="C:\\Program Files\\Ubisoft\\James Cameron's AVATAR - THE GAME\\bin\\AvatarLauncher.exe:*:Enabled:Updater"
"C:\\Documents and Settings\\All Users\\Data aplikac\\Battle.net\\Agent\\Agent.2880\\Agent.exe"="C:\\Documents and Settings\\All Users\\Data aplikac\\Battle.net\\Agent\\Agent.2880\\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\\Program Files\\Steam\\SteamApps\\common\\LEGO Marvel Super Heroes\\LEGOMARVEL.exe"="C:\\Program Files\\Steam\\SteamApps\\common\\LEGO Marvel Super Heroes\\LEGOMARVEL.exe:*:Enabled:LEGO MARVEL Super Heroes"
"C:\\Program Files\\EA GAMES\\Need for Speed Underground 2\\speed2.exe"="C:\\Program Files\\EA GAMES\\Need for Speed Underground 2\\speed2.exe:*:Enabled:speed2"
"C:\\Documents and Settings\\Uivatel\\Data aplikac\\uTorrent\\utorrent.exe"="C:\\Documents and Settings\\Uivatel\\Data aplikac\\uTorrent\\utorrent.exe:*:Enabled:Torrent"
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis 2\\bin32\\Crysis2.exe"="C:\\Program Files\\Electronic Arts\\Crytek\\Crysis 2\\bin32\\Crysis2.exe:*:Disabled:Crysis2"
"C:\\Program Files\\Steam\\SteamApps\\common\\MXGP - The Official Motocross Videogame Demo\\MXGP.exe"="C:\\Program Files\\Steam\\SteamApps\\common\\MXGP - The Official Motocross Videogame Demo\\MXGP.exe:*:Enabled:MXGP - The Official Motocross Videogame Demo"
"C:\\Program Files\\Steam\\SteamApps\\common\\Batman Arkham City Demo\\Binaries\\Win32\\BatmanAC.exe"="C:\\Program Files\\Steam\\SteamApps\\common\\Batman Arkham City Demo\\Binaries\\Win32\\BatmanAC.exe:*:Enabled:Batman: Arkham City Demo"
"C:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"="C:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"="C:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"="C:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe:*:Enabled:Google Chrome"
"C:\\Program Files\\Java\\jre1.8.0_25\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre1.8.0_25\\bin\\javaw.exe:*:Disabled:Java(TM) Platform SE binary"
"C:\\Program Files\\Steam\\SteamApps\\common\\Spintires\\SpinTires.exe"="C:\\Program Files\\Steam\\SteamApps\\common\\Spintires\\SpinTires.exe:*:Enabled:Spintires"
"C:\\Program Files\\Steam\\SteamApps\\common\\Euro Truck Simulator 2\\bin\\win_x86\\eurotrucks2.exe"="C:\\Program Files\\Steam\\SteamApps\\common\\Euro Truck Simulator 2\\bin\\win_x86\\eurotrucks2.exe:*:Enabled:Euro Truck Simulator 2"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP"="139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002"
"443:TCP"="443:TCP:*:Enabled:War Thunder"
"20010:UDP"="20010:UDP:*:Enabled:War Thunder"
"3478:UDP"="3478:UDP:*:Enabled:War Thunder"
"7850:TCP"="7850:TCP:*:Enabled:War Thunder"
"7852:TCP"="7852:TCP:*:Enabled:War Thunder"
"7853:TCP"="7853:TCP:*:Enabled:War Thunder"
"27022:TCP"="27022:TCP:*:Enabled:War Thunder"
"6881:TCP"="6881:TCP:*:Enabled:War Thunder"
"33333:TCP"="33333:TCP:*:Enabled:War Thunder"
"20443:TCP"="20443:TCP:*:Enabled:War Thunder"
"8090:TCP"="8090:TCP:*:Enabled:War Thunder"
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.zip
(8.39 KiB) Downloaded 55 times

Márty84
VIP
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: probably some kind of virus??

#28 Post by Márty84 »

dapemato wrote:
***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\Uivatel\Plocha" je 5003 MB.
:arrow: The size of the desktop should not exceed 200 - 300 MB! It slows the PC down. So tidy it up a little and keep only shortcuts on the desktop. Just watch out for the occasional mistake where users have a folder on the desktop, another one inside it, and another inside that, and hide everything in there. That is nice, but it does not make the desktop any smaller, it is just in a different drawer :D



:arrow: Open Notepad and copy this script into it

Code:

Start
CloseProcesses:
CreateRestorePoint:

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1644491937-73586283-682003330-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
URLSearchHook: [S-1-5-21-1644491937-73586283-682003330-1004] ATTENTION ==> Default URLSearchHook is missing.
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-1644491937-73586283-682003330-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

CHR HKU\S-1-5-21-1644491937-73586283-682003330-1003\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - No Path

S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 IntelIde; No ImagePath
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S2 SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys [X]

2015-01-23 16:29 - 2015-01-23 16:39 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Malwarebytes' Anti-Malware (portable)
2015-01-23 16:29 - 2015-01-23 16:29 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-23 16:27 - 2015-01-23 16:27 - 16466552 _____ (Malwarebytes Corp.) C:\Documents and Settings\Uživatel\Plocha\mbar-1.08.3.1004.exe
2015-01-23 16:27 - 2015-01-23 16:27 - 00108632 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-20 20:31 - 2015-01-23 18:20 - 00000863 _____ () C:\DelFix.txt

Hosts:
EmptyTemp:
Reboot:
End

Click File at the top left.
Click Save as...
Type the red name fixlist correctly and save it to the desktop.
Turn off your antivirus and any other security software.
Run FRST, click Fix, and the program will carry out the commands.
After the PC restarts, a new log named fixlog should appear; copy that here for me again.



:arrow: Download AdwCleaner again https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Run it.
Click Scan and wait for the scan to finish.
Then click Clean.
The program will start working (the PC may restart) and spit out a log (otherwise it will be here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.
If you have a question that is not meant for the public, you can write to me by email at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you are waiting a long time for a reply, please contact one of my colleagues (most have an email address in their signature).

dapemato
Visitor
Visitor
Posts: 97
Joined: 26 Jul 2011 14:20

Re: probably some kind of virus??

#29 Post by dapemato »

# AdwCleaner v4.109 - Report created 25/01/2015 at 19:50:02
# Updated 24/01/2015 by Xplode
# Database : 2015-01-25.1 [Live]
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Uživatel - U-398F8DF968D14
# Running from : C:\Documents and Settings\Uživatel\Plocha\adwcleaner_4.109.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\FileViewPro

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v


-\\ Google Chrome v39.0.2171.99


-\\ Comodo Dragon v


*************************

AdwCleaner[R0].txt - [920 octets] - [25/01/2015 19:48:02]
AdwCleaner[S0].txt - [844 octets] - [25/01/2015 19:50:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [903 octets] ##########

Márty84
VIP
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: probably some kind of virus??

#30 Post by Márty84 »

Now just the fixlog as well :)

Locked