
Please check my log.

karolinka
Visitor
Posts: 31
Registered: 02 Nov 2010 09:31

Re: Please check my log.

#16 Post by karolinka »

ComboFix 15-05-19.01 - Vincek 21.05.2015 20:25:32.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3951.2161 [GMT 2:00]
Spuštěný z: c:\users\Vincek\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Thumbs.db
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-04-21 do 2015-05-21 )))))))))))))))))))))))))))))))
.
.
2015-05-21 18:35 . 2015-05-21 18:35 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5D8104A9-800A-4F46-B46C-0638EF79E505}\offreg.1176.dll
2015-05-21 18:35 . 2015-05-21 18:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-05-20 09:18 . 2015-05-20 17:26 -------- d-----w- C:\FRST
2015-05-20 07:59 . 2015-05-20 08:01 -------- d-----w- C:\AdwCleaner
2015-05-20 07:43 . 2015-05-20 07:43 -------- d-----w- c:\program files\trend micro
2015-05-20 06:41 . 2015-05-20 06:42 -------- d-----w- c:\program files (x86)\trend micro
2015-05-19 06:28 . 2015-05-03 03:16 12214312 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5D8104A9-800A-4F46-B46C-0638EF79E505}\mpengine.dll
2015-05-14 06:27 . 2015-05-01 13:17 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 06:27 . 2015-05-01 13:16 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 18:32 . 2015-04-27 19:28 5569984 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-05-13 18:32 . 2015-04-27 19:26 1728960 ----a-w- c:\windows\system32\ntdll.dll
2015-05-13 18:32 . 2015-04-27 19:23 1254400 ----a-w- c:\windows\system32\diagtrack.dll
2015-05-13 18:32 . 2015-04-27 18:06 36864 ----a-w- c:\windows\system32\UtcResources.dll
2015-05-13 18:32 . 2015-04-27 19:11 3934144 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-05-13 18:32 . 2015-04-27 19:11 3989440 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-05-13 00:03 . 2015-05-05 01:29 342016 ----a-w- c:\windows\system32\schannel.dll
2015-05-13 00:02 . 2015-04-13 03:28 328704 ----a-w- c:\windows\system32\services.exe
2015-05-12 23:58 . 2015-03-04 04:41 6656 ----a-w- c:\windows\system32\shimeng.dll
2015-05-12 23:58 . 2015-03-04 04:41 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2015-05-12 23:58 . 2015-03-04 04:41 342016 ----a-w- c:\windows\system32\apphelp.dll
2015-05-12 23:58 . 2015-03-04 04:41 23552 ----a-w- c:\windows\system32\sdbinst.exe
2015-05-12 23:58 . 2015-03-04 04:11 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2015-05-12 23:58 . 2015-03-04 04:10 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2015-05-12 23:58 . 2015-03-04 04:10 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2015-05-01 18:10 . 2015-05-01 18:10 229608 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2015-04-22 08:33 . 2015-04-22 08:33 364472 ----a-w- c:\windows\system32\aswBoot.exe
2015-04-22 08:33 . 2015-04-22 08:33 43112 ----a-w- c:\windows\avastSS.scr
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-05-14 06:29 . 2014-01-17 14:27 140425016 ----a-w- c:\windows\system32\MRT.exe
2015-05-05 01:29 . 2015-05-13 00:03 342016 ----a-w- c:\windows\system32\schannel.dll
2015-05-05 01:12 . 2015-05-13 00:03 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-04-27 19:23 . 2015-05-13 18:31 113664 ----a-w- c:\windows\system32\sechost.dll
2015-04-27 19:05 . 2015-05-13 18:31 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2015-04-27 19:04 . 2015-05-13 18:31 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-04-22 08:33 . 2014-04-23 06:56 29168 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-04-22 08:33 . 2014-01-17 13:58 65736 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-04-22 08:33 . 2014-01-17 13:58 442264 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-04-22 08:33 . 2014-01-17 13:58 272248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-04-22 08:33 . 2014-01-17 13:58 137288 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-04-22 08:33 . 2014-01-17 13:57 93528 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-04-22 08:33 . 2014-01-17 13:57 89944 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-04-22 08:33 . 2014-01-17 13:58 1047320 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-04-14 16:26 . 2014-01-17 16:45 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-14 16:26 . 2014-01-17 16:45 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-04-14 16:26 . 2015-04-14 16:26 18178736 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2015-03-25 03:24 . 2015-04-15 04:49 98304 ----a-w- c:\windows\system32\wudriver.dll
2015-03-25 03:24 . 2015-04-15 04:49 37376 ----a-w- c:\windows\system32\wups2.dll
2015-03-25 03:24 . 2015-04-15 04:49 35328 ----a-w- c:\windows\system32\wups.dll
2015-03-25 03:24 . 2015-04-15 04:49 3298816 ----a-w- c:\windows\system32\wucltux.dll
2015-03-25 03:24 . 2015-04-15 04:49 2553856 ----a-w- c:\windows\system32\wuaueng.dll
2015-03-25 03:24 . 2015-04-15 04:49 191488 ----a-w- c:\windows\system32\wuwebv.dll
2015-03-25 03:24 . 2015-04-15 04:49 696320 ----a-w- c:\windows\system32\wuapi.dll
2015-03-25 03:24 . 2015-04-15 04:49 60416 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-03-25 03:23 . 2015-04-15 04:49 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-03-25 03:23 . 2015-04-15 04:49 36864 ----a-w- c:\windows\system32\wuapp.exe
2015-03-25 03:23 . 2015-04-15 04:49 135168 ----a-w- c:\windows\system32\wuauclt.exe
2015-03-25 03:00 . 2015-04-15 04:49 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2015-03-25 03:00 . 2015-04-15 04:49 566784 ----a-w- c:\windows\SysWow64\wuapi.dll
2015-03-25 03:00 . 2015-04-15 04:49 29696 ----a-w- c:\windows\SysWow64\wups.dll
2015-03-25 03:00 . 2015-04-15 04:49 173056 ----a-w- c:\windows\SysWow64\wuwebv.dll
2015-03-25 03:00 . 2015-04-15 04:49 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
2015-03-23 03:25 . 2015-04-15 04:49 726528 ----a-w- c:\windows\system32\generaltel.dll
2015-03-23 03:25 . 2015-04-15 04:49 769536 ----a-w- c:\windows\system32\invagent.dll
2015-03-23 03:24 . 2015-04-15 04:49 419840 ----a-w- c:\windows\system32\devinv.dll
2015-03-23 03:24 . 2015-04-15 04:49 957952 ----a-w- c:\windows\system32\appraiser.dll
2015-03-23 03:24 . 2015-04-15 04:49 30720 ----a-w- c:\windows\system32\acmigration.dll
2015-03-23 03:24 . 2015-04-15 04:49 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-03-23 03:24 . 2015-04-15 04:49 192000 ----a-w- c:\windows\system32\aepic.dll
2015-03-23 03:17 . 2015-04-15 04:49 1111552 ----a-w- c:\windows\system32\aeinv.dll
2015-03-10 03:25 . 2015-04-15 04:48 1882624 ----a-w- c:\windows\system32\msxml3.dll
2015-03-10 03:21 . 2015-04-15 04:48 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-03-10 03:08 . 2015-04-15 04:48 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-03-10 03:05 . 2015-04-15 04:48 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-03-05 05:12 . 2015-04-15 04:49 404480 ----a-w- c:\windows\system32\gdi32.dll
2015-03-05 04:05 . 2015-04-15 04:48 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2015-03-04 04:55 . 2015-04-15 04:46 367552 ----a-w- c:\windows\system32\clfs.sys
2015-03-04 04:41 . 2015-04-15 04:46 79360 ----a-w- c:\windows\system32\clfsw32.dll
2015-03-04 04:41 . 2015-05-12 23:58 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-03-04 04:41 . 2015-05-12 23:58 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-03-04 04:10 . 2015-04-15 04:46 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
2015-03-04 04:10 . 2015-05-12 23:58 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-03-04 04:10 . 2015-05-12 23:58 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-03-04 04:06 . 2015-05-12 23:58 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-02-25 03:18 . 2015-04-15 04:48 754688 ----a-w- c:\windows\system32\drivers\http.sys
2015-02-24 02:17 . 2014-01-17 14:17 295552 ------w- c:\windows\system32\MpSigStub.exe
2015-02-22 17:33 . 2014-02-14 07:09 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2015-02-22 17:33 . 2014-02-11 09:43 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-05 98304]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"DTRun"="c:\program files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe" [2009-11-18 518656]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-04-22 5515496]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-10-01 256056]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GoPro Importer.lnk - c:\program files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [2014-12-17 3169792]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2009-11-17 13:39 75320 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 O2 Internet. RunOuc;O2 Internet. OUC;c:\program files (x86)\O2 Internet\UpdateDog\ouc.exe;c:\program files (x86)\O2 Internet\UpdateDog\ouc.exe [x]
R2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 FLCDLOCK;Auditování/zamknutí zařízení nástroje HP ProtectTools;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 RsvLock;RsvLock; [x]
S2 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [x]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 uArcCapture;ArcCapture;c:\windows\system\uArcCapture.exe;c:\windows\system\uArcCapture.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 DEBridge;DEBridge;c:\program files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe;c:\program files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 rtsuvc;HP Webcam [2 MP Fixed];c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2015-05-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-17 16:26]
.
2015-05-20 c:\windows\Tasks\HPCeeScheduleForVincek.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-04-22 08:33 722400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-04-05 8192]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2014-02-28 489472]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{04885050-EA7C-4113-8772-527B5D49B360}: NameServer = 160.218.161.60 194.228.211.33
TCP: Interfaces\{D0CFFCEF-B270-46DB-B6C1-BAF80C75027F}: NameServer = 160.218.161.60 194.228.211.33
FF - ProfilePath - c:\users\Vincek\AppData\Roaming\Mozilla\Firefox\Profiles\a6gqfdth.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
AddRemove-UnityWebPlayer - c:\users\Vincek\AppData\Local\Unity\WebPlayer\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-05-21 20:46:45
ComboFix-quarantined-files.txt 2015-05-21 18:46
.
Před spuštěním: Volných bajtů: 17 986 158 592
Po spuštění: Volných bajtů: 17 688 244 224
.
- - End Of File - - C6CCF3B31371B254A775F784155BA55E

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log.

#17 Post by Márty84 »

:arrow: Permanently disable Windows Defender.


:arrow: Open Notepad and copy this script into it:

Code:

KillAll::

File::
c:\windows\Tasks\Adobe Flash Player Updater.job

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Driver::
SbAlg
SbFsLock
SafeBoot

Reboot::

In the top left, click File.
Click Save As...
Type the name shown in red, CFScript, exactly as written and save the file to the desktop.
Turn off your antivirus and any other security software.
Drag the newly created text document with the mouse onto the ComboFix icon and drop it.
ComboFix should start and carry out the commands.
When it finishes (the PC may restart), a new log should appear; copy it here for me again.

:!: If Windows does not start after the restart, restart again, keep pressing the F8 key and choose Last Known Good Configuration.
:!: If Windows starts but errors are reported when launching various programs, just restart the PC and it will be fine.

karolinka
Visitor
Posts: 31
Registered: 02 Nov 2010 09:31

Re: Please check my log.

#18 Post by karolinka »

ComboFix 15-05-19.01 - Vincek 22.05.2015 22:38:32.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3951.2359 [GMT 2:00]
Spuštěný z: c:\users\Vincek\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Vincek\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\Adobe Flash Player Updater.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SBALG
-------\Legacy_SBFSLOCK
-------\Service_SafeBoot
-------\Service_SbAlg
-------\Service_SbFsLock
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-04-22 do 2015-05-22 )))))))))))))))))))))))))))))))
.
.
2015-05-22 20:48 . 2015-05-22 20:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-05-22 20:24 . 2015-05-03 03:16 12214312 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B79BF5F3-4603-4335-8713-B972B26D821B}\mpengine.dll
2015-05-20 09:18 . 2015-05-20 17:26 -------- d-----w- C:\FRST
2015-05-20 07:59 . 2015-05-20 08:01 -------- d-----w- C:\AdwCleaner
2015-05-20 07:43 . 2015-05-20 07:43 -------- d-----w- c:\program files\trend micro
2015-05-20 06:41 . 2015-05-20 06:42 -------- d-----w- c:\program files (x86)\trend micro
2015-05-14 06:27 . 2015-05-01 13:17 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 06:27 . 2015-05-01 13:16 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 18:32 . 2015-04-27 19:28 5569984 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-05-13 18:32 . 2015-04-27 19:26 1728960 ----a-w- c:\windows\system32\ntdll.dll
2015-05-13 18:32 . 2015-04-27 19:23 1254400 ----a-w- c:\windows\system32\diagtrack.dll
2015-05-13 18:32 . 2015-04-27 18:06 36864 ----a-w- c:\windows\system32\UtcResources.dll
2015-05-13 18:32 . 2015-04-27 19:11 3934144 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-05-13 18:32 . 2015-04-27 19:11 3989440 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-05-13 00:03 . 2015-05-05 01:29 342016 ----a-w- c:\windows\system32\schannel.dll
2015-05-13 00:02 . 2015-04-13 03:28 328704 ----a-w- c:\windows\system32\services.exe
2015-05-12 23:58 . 2015-03-04 04:41 6656 ----a-w- c:\windows\system32\shimeng.dll
2015-05-12 23:58 . 2015-03-04 04:41 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2015-05-12 23:58 . 2015-03-04 04:41 342016 ----a-w- c:\windows\system32\apphelp.dll
2015-05-12 23:58 . 2015-03-04 04:41 23552 ----a-w- c:\windows\system32\sdbinst.exe
2015-05-12 23:58 . 2015-03-04 04:11 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2015-05-12 23:58 . 2015-03-04 04:10 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2015-05-12 23:58 . 2015-03-04 04:10 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2015-05-01 18:10 . 2015-05-01 18:10 229608 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-05-14 06:29 . 2014-01-17 14:27 140425016 ----a-w- c:\windows\system32\MRT.exe
2015-05-05 01:29 . 2015-05-13 00:03 342016 ----a-w- c:\windows\system32\schannel.dll
2015-05-05 01:12 . 2015-05-13 00:03 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-04-27 19:23 . 2015-05-13 18:31 113664 ----a-w- c:\windows\system32\sechost.dll
2015-04-27 19:05 . 2015-05-13 18:31 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2015-04-27 19:04 . 2015-05-13 18:31 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-04-22 08:33 . 2015-04-22 08:33 364472 ----a-w- c:\windows\system32\aswBoot.exe
2015-04-22 08:33 . 2014-04-23 06:56 29168 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-04-22 08:33 . 2014-01-17 13:58 65736 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-04-22 08:33 . 2014-01-17 13:58 442264 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-04-22 08:33 . 2014-01-17 13:58 272248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-04-22 08:33 . 2014-01-17 13:58 137288 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-04-22 08:33 . 2014-01-17 13:57 93528 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-04-22 08:33 . 2014-01-17 13:57 89944 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-04-22 08:33 . 2015-04-22 08:33 43112 ----a-w- c:\windows\avastSS.scr
2015-04-22 08:33 . 2014-01-17 13:58 1047320 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-04-14 16:26 . 2014-01-17 16:45 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-14 16:26 . 2014-01-17 16:45 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-04-14 16:26 . 2015-04-14 16:26 18178736 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2015-03-25 03:24 . 2015-04-15 04:49 98304 ----a-w- c:\windows\system32\wudriver.dll
2015-03-25 03:24 . 2015-04-15 04:49 37376 ----a-w- c:\windows\system32\wups2.dll
2015-03-25 03:24 . 2015-04-15 04:49 35328 ----a-w- c:\windows\system32\wups.dll
2015-03-25 03:24 . 2015-04-15 04:49 3298816 ----a-w- c:\windows\system32\wucltux.dll
2015-03-25 03:24 . 2015-04-15 04:49 2553856 ----a-w- c:\windows\system32\wuaueng.dll
2015-03-25 03:24 . 2015-04-15 04:49 191488 ----a-w- c:\windows\system32\wuwebv.dll
2015-03-25 03:24 . 2015-04-15 04:49 696320 ----a-w- c:\windows\system32\wuapi.dll
2015-03-25 03:24 . 2015-04-15 04:49 60416 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-03-25 03:23 . 2015-04-15 04:49 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-03-25 03:23 . 2015-04-15 04:49 36864 ----a-w- c:\windows\system32\wuapp.exe
2015-03-25 03:23 . 2015-04-15 04:49 135168 ----a-w- c:\windows\system32\wuauclt.exe
2015-03-25 03:00 . 2015-04-15 04:49 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2015-03-25 03:00 . 2015-04-15 04:49 566784 ----a-w- c:\windows\SysWow64\wuapi.dll
2015-03-25 03:00 . 2015-04-15 04:49 29696 ----a-w- c:\windows\SysWow64\wups.dll
2015-03-25 03:00 . 2015-04-15 04:49 173056 ----a-w- c:\windows\SysWow64\wuwebv.dll
2015-03-25 03:00 . 2015-04-15 04:49 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
2015-03-23 03:25 . 2015-04-15 04:49 726528 ----a-w- c:\windows\system32\generaltel.dll
2015-03-23 03:25 . 2015-04-15 04:49 769536 ----a-w- c:\windows\system32\invagent.dll
2015-03-23 03:24 . 2015-04-15 04:49 419840 ----a-w- c:\windows\system32\devinv.dll
2015-03-23 03:24 . 2015-04-15 04:49 957952 ----a-w- c:\windows\system32\appraiser.dll
2015-03-23 03:24 . 2015-04-15 04:49 30720 ----a-w- c:\windows\system32\acmigration.dll
2015-03-23 03:24 . 2015-04-15 04:49 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-03-23 03:24 . 2015-04-15 04:49 192000 ----a-w- c:\windows\system32\aepic.dll
2015-03-23 03:17 . 2015-04-15 04:49 1111552 ----a-w- c:\windows\system32\aeinv.dll
2015-03-10 03:25 . 2015-04-15 04:48 1882624 ----a-w- c:\windows\system32\msxml3.dll
2015-03-10 03:21 . 2015-04-15 04:48 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-03-10 03:08 . 2015-04-15 04:48 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-03-10 03:05 . 2015-04-15 04:48 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-03-05 05:12 . 2015-04-15 04:49 404480 ----a-w- c:\windows\system32\gdi32.dll
2015-03-05 04:05 . 2015-04-15 04:48 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2015-03-04 04:55 . 2015-04-15 04:46 367552 ----a-w- c:\windows\system32\clfs.sys
2015-03-04 04:41 . 2015-04-15 04:46 79360 ----a-w- c:\windows\system32\clfsw32.dll
2015-03-04 04:41 . 2015-05-12 23:58 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-03-04 04:41 . 2015-05-12 23:58 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-03-04 04:10 . 2015-04-15 04:46 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
2015-03-04 04:10 . 2015-05-12 23:58 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-03-04 04:10 . 2015-05-12 23:58 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-03-04 04:06 . 2015-05-12 23:58 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-02-25 03:18 . 2015-04-15 04:48 754688 ----a-w- c:\windows\system32\drivers\http.sys
2015-02-24 02:17 . 2014-01-17 14:17 295552 ------w- c:\windows\system32\MpSigStub.exe
2015-02-22 17:33 . 2014-02-14 07:09 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2015-02-22 17:33 . 2014-02-11 09:43 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"uTorrent"="c:\users\Vincek\AppData\Roaming\uTorrent\uTorrent.exe" [2015-05-11 1694560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-05 98304]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"DTRun"="c:\program files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe" [2009-11-18 518656]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-04-22 5515496]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-10-01 256056]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GoPro Importer.lnk - c:\program files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [2014-12-17 3169792]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2009-11-17 13:39 75320 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
R2 O2 Internet. RunOuc;O2 Internet. OUC;c:\program files (x86)\O2 Internet\UpdateDog\ouc.exe;c:\program files (x86)\O2 Internet\UpdateDog\ouc.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 FLCDLOCK;Auditování/zamknutí zařízení nástroje HP ProtectTools;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 RsvLock;RsvLock; [x]
S2 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [x]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 DEBridge;DEBridge;c:\program files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe;c:\program files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 rtsuvc;HP Webcam [2 MP Fixed];c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2015-05-22 c:\windows\Tasks\HPCeeScheduleForVincek.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-04-22 08:33 722400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-04-05 8192]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2014-02-28 489472]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{04885050-EA7C-4113-8772-527B5D49B360}: NameServer = 160.218.161.60 194.228.211.33
TCP: Interfaces\{D0CFFCEF-B270-46DB-B6C1-BAF80C75027F}: NameServer = 160.218.161.60 194.228.211.33
FF - ProfilePath - c:\users\Vincek\AppData\Roaming\Mozilla\Firefox\Profiles\a6gqfdth.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\programdata\O2 Internet\OnlineUpdate\ouc.exe
c:\windows\system\uArcCapture.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
.
**************************************************************************
.
Celkový čas: 2015-05-22 23:38:59 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-05-22 21:38
ComboFix2.txt 2015-05-21 18:46
.
Před spuštěním: Volných bajtů: 97 760 387 072
Po spuštění: Volných bajtů: 97 226 092 544
.
- - End Of File - - 4845897338B961086BC5F9155EBEC7E4

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log.

#19 Post by Márty84 »

Follow my colleague's instructions
vyosek wrote: Download TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
  • Click the Change parameters option
  • In the Additional options window, tick all the options
  • Click OK
  • Tell the utility to scan by clicking Start Scan
  • When the scan finishes, a window will appear; check that Skip is selected everywhere
  • If Skip is not selected by default, switch the option to Skip
  • Once Skip is selected everywhere, click Continue
  • On the drive where Windows is installed (usually c:\) there will be a log named in the form TDSSKiller.some numbers _log.txt; paste its contents here

Follow my colleague's instructions
vyosek wrote: Download Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/
  • Save it, preferably to the Desktop, and extract it
  • Run it by clicking mbar
  • Now click Next and then Update
  • Once the database update has finished, click Next again
  • Leave all three options checked and click Scan, which starts the scan of the PC
  • After the scan finishes (about 5 minutes), check that every finding (if there are any, of course) is ticked
  • Also check that Create Restore point is ticked
  • Now click CleanUp, which removes the infection found
  • The PC will be restarted
  • The mbar folder should contain a log (it will probably also open by itself) named mbar-log-year-month-day (hour-minute-second).txt; post it here for me
If you have a question that is not meant for the public, you can e-mail me at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For lack of time I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

karolinka
Visitor
Posts: 31
Joined: 02 Nov 2010 09:31

Re: Please check my log.

#20 Post by karolinka »

10:04:04.0536 0x06f8 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
10:04:10.0206 0x06f8 ============================================================
10:04:10.0206 0x06f8 Current date / time: 2015/05/23 10:04:10.0206
10:04:10.0206 0x06f8 SystemInfo:
10:04:10.0207 0x06f8
10:04:10.0207 0x06f8 OS Version: 6.1.7601 ServicePack: 1.0
10:04:10.0207 0x06f8 Product type: Workstation
10:04:10.0207 0x06f8 ComputerName: VINCEK-PC
10:04:10.0207 0x06f8 UserName: Vincek
10:04:10.0207 0x06f8 Windows directory: C:\Windows
10:04:10.0207 0x06f8 System windows directory: C:\Windows
10:04:10.0207 0x06f8 Running under WOW64
10:04:10.0207 0x06f8 Processor architecture: Intel x64
10:04:10.0207 0x06f8 Number of processors: 4
10:04:10.0207 0x06f8 Page size: 0x1000
10:04:10.0207 0x06f8 Boot type: Normal boot
10:04:10.0207 0x06f8 ============================================================
10:04:10.0421 0x06f8 KLMD registered as C:\Windows\system32\drivers\35063349.sys
10:04:10.0764 0x06f8 System UUID: {7B2BFD3B-C42E-7872-6C2D-4E61E91A84C5}
10:04:11.0339 0x06f8 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:04:11.0349 0x06f8 ============================================================
10:04:11.0349 0x06f8 \Device\Harddisk0\DR0:
10:04:11.0349 0x06f8 MBR partitions:
10:04:11.0349 0x06f8 Initialize success
10:04:11.0349 0x06f8 ============================================================
10:04:52.0449 0x0e98 ============================================================
10:04:52.0449 0x0e98 Scan started
10:04:52.0449 0x0e98 Mode: Manual; SigCheck; TDLFS;
10:04:52.0449 0x0e98 ============================================================
10:04:52.0449 0x0e98 KSN ping started
10:04:55.0231 0x0e98 KSN ping finished: true
10:04:55.0450 0x0e98 ================ Scan system memory ========================
10:04:55.0451 0x0e98 System memory - ok
10:04:55.0451 0x0e98 ================ Scan services =============================
10:04:55.0471 0x0e98 1394ohci - ok
10:04:55.0477 0x0e98 602XML Updater - ok
10:04:55.0493 0x0e98 Accelerometer - ok
10:04:55.0497 0x0e98 ACDaemon - ok
10:04:55.0501 0x0e98 ACPI - ok
10:04:55.0505 0x0e98 AcpiPmi - ok
10:04:55.0509 0x0e98 adp94xx - ok
10:04:55.0513 0x0e98 adpahci - ok
10:04:55.0517 0x0e98 adpu320 - ok
10:04:55.0523 0x0e98 AeLookupSvc - ok
10:04:55.0527 0x0e98 AESTFilters - ok
10:04:55.0553 0x0e98 Afc - ok
10:04:55.0557 0x0e98 AFD - ok
10:04:55.0561 0x0e98 agp440 - ok
10:04:55.0564 0x0e98 ALG - ok
10:04:55.0568 0x0e98 aliide - ok
10:04:55.0572 0x0e98 AMD External Events Utility - ok
10:04:55.0576 0x0e98 amdide - ok
10:04:55.0580 0x0e98 AmdK8 - ok
10:04:55.0627 0x0e98 amdkmdag - ok
10:04:55.0639 0x0e98 amdkmdap - ok
10:04:55.0646 0x0e98 AmdPPM - ok
10:04:55.0652 0x0e98 amdsata - ok
10:04:55.0659 0x0e98 amdsbs - ok
10:04:55.0666 0x0e98 amdxata - ok
10:04:55.0671 0x0e98 androidusb - ok
10:04:55.0675 0x0e98 AppID - ok
10:04:55.0680 0x0e98 AppIDSvc - ok
10:04:55.0685 0x0e98 Appinfo - ok
10:04:55.0691 0x0e98 arc - ok
10:04:55.0696 0x0e98 arcsas - ok
10:04:55.0699 0x0e98 ARCVCAM - ok
10:04:55.0706 0x0e98 aspnet_state - ok
10:04:55.0710 0x0e98 aswHwid - ok
10:04:55.0729 0x0e98 aswMonFlt - ok
10:04:55.0740 0x0e98 aswRdr - ok
10:04:55.0744 0x0e98 aswRvrt - ok
10:04:55.0748 0x0e98 aswSnx - ok
10:04:55.0756 0x0e98 aswSP - ok
10:04:55.0769 0x0e98 aswStm - ok
10:04:55.0773 0x0e98 aswVmm - ok
10:04:55.0777 0x0e98 AsyncMac - ok
10:04:55.0781 0x0e98 atapi - ok
10:04:55.0787 0x0e98 AtiHdmiService - ok
10:04:55.0790 0x0e98 AudioEndpointBuilder - ok
10:04:55.0795 0x0e98 AudioSrv - ok
10:04:55.0799 0x0e98 avast! Antivirus - ok
10:04:55.0802 0x0e98 AxInstSV - ok
10:04:55.0806 0x0e98 b06bdrv - ok
10:04:55.0811 0x0e98 b57nd60a - ok
10:04:55.0818 0x0e98 BDESVC - ok
10:04:55.0821 0x0e98 Beep - ok
10:04:55.0825 0x0e98 BFE - ok
10:04:55.0838 0x0e98 BITS - ok
10:04:55.0842 0x0e98 blbdrive - ok
10:04:55.0858 0x0e98 Bonjour Service - ok
10:04:55.0862 0x0e98 bowser - ok
10:04:55.0865 0x0e98 BrFiltLo - ok
10:04:55.0868 0x0e98 BrFiltUp - ok
10:04:55.0872 0x0e98 BridgeMP - ok
10:04:55.0876 0x0e98 Browser - ok
10:04:55.0879 0x0e98 Brserid - ok
10:04:55.0883 0x0e98 BrSerWdm - ok
10:04:55.0886 0x0e98 BrUsbMdm - ok
10:04:55.0890 0x0e98 BrUsbSer - ok
10:04:55.0894 0x0e98 BthEnum - ok
10:04:55.0897 0x0e98 BTHMODEM - ok
10:04:55.0902 0x0e98 BthPan - ok
10:04:55.0905 0x0e98 BTHPORT - ok
10:04:55.0909 0x0e98 bthserv - ok
10:04:55.0913 0x0e98 BTHUSB - ok
10:04:55.0916 0x0e98 catchme - ok
10:04:55.0920 0x0e98 cdfs - ok
10:04:55.0923 0x0e98 cdrom - ok
10:04:55.0927 0x0e98 CertPropSvc - ok
10:04:55.0930 0x0e98 circlass - ok
10:04:55.0934 0x0e98 CLFS - ok
10:04:55.0938 0x0e98 clr_optimization_v2.0.50727_32 - ok
10:04:55.0942 0x0e98 clr_optimization_v2.0.50727_64 - ok
10:04:55.0946 0x0e98 clr_optimization_v4.0.30319_32 - ok
10:04:55.0950 0x0e98 clr_optimization_v4.0.30319_64 - ok
10:04:55.0954 0x0e98 CmBatt - ok
10:04:55.0957 0x0e98 cmdide - ok
10:04:55.0961 0x0e98 CNG - ok
10:04:55.0965 0x0e98 Compbatt - ok
10:04:55.0968 0x0e98 CompositeBus - ok
10:04:55.0972 0x0e98 COMSysApp - ok
10:04:55.0977 0x0e98 crcdisk - ok
10:04:55.0981 0x0e98 CryptSvc - ok
10:04:55.0985 0x0e98 DAMDrv - ok
10:04:55.0990 0x0e98 DcomLaunch - ok
10:04:55.0994 0x0e98 DEBridge - ok
10:04:55.0998 0x0e98 defragsvc - ok
10:04:56.0007 0x0e98 DfsC - ok
10:04:56.0011 0x0e98 Dhcp - ok
10:04:56.0016 0x0e98 DiagTrack - ok
10:04:56.0019 0x0e98 discache - ok
10:04:56.0023 0x0e98 Disk - ok
10:04:56.0027 0x0e98 Dnscache - ok
10:04:56.0030 0x0e98 dot3svc - ok
10:04:56.0035 0x0e98 DpHost - ok
10:04:56.0039 0x0e98 DPS - ok
10:04:56.0043 0x0e98 drmkaud - ok
10:04:56.0046 0x0e98 dtsoftbus01 - ok
10:04:56.0050 0x0e98 DXGKrnl - ok
10:04:56.0054 0x0e98 EapHost - ok
10:04:56.0057 0x0e98 ebdrv - ok
10:04:56.0061 0x0e98 EFS - ok
10:04:56.0064 0x0e98 ehRecvr - ok
10:04:56.0067 0x0e98 ehSched - ok
10:04:56.0071 0x0e98 elxstor - ok
10:04:56.0074 0x0e98 ErrDev - ok
10:04:56.0081 0x0e98 EventSystem - ok
10:04:56.0086 0x0e98 ew_hwusbdev - ok
10:04:56.0090 0x0e98 ew_usbenumfilter - ok
10:04:56.0094 0x0e98 exfat - ok
10:04:56.0098 0x0e98 fastfat - ok
10:04:56.0101 0x0e98 Fax - ok
10:04:56.0105 0x0e98 fdc - ok
10:04:56.0109 0x0e98 fdPHost - ok
10:04:56.0113 0x0e98 FDResPub - ok
10:04:56.0117 0x0e98 FileInfo - ok
10:04:56.0121 0x0e98 Filetrace - ok
10:04:56.0125 0x0e98 FLCDLOCK - ok
10:04:56.0129 0x0e98 FLEXnet Licensing Service - ok
10:04:56.0133 0x0e98 flpydisk - ok
10:04:56.0137 0x0e98 FltMgr - ok
10:04:56.0140 0x0e98 FontCache - ok
10:04:56.0144 0x0e98 FontCache3.0.0.0 - ok
10:04:56.0148 0x0e98 FsDepends - ok
10:04:56.0151 0x0e98 Fs_Rec - ok
10:04:56.0155 0x0e98 fvevol - ok
10:04:56.0159 0x0e98 gagp30kx - ok
10:04:56.0163 0x0e98 gpsvc - ok
10:04:56.0166 0x0e98 hcw85cir - ok
10:04:56.0170 0x0e98 HdAudAddService - ok
10:04:56.0173 0x0e98 HDAudBus - ok
10:04:56.0177 0x0e98 HECIx64 - ok
10:04:56.0181 0x0e98 HidBatt - ok
10:04:56.0184 0x0e98 HidBth - ok
10:04:56.0187 0x0e98 HidIr - ok
10:04:56.0192 0x0e98 hidserv - ok
10:04:56.0195 0x0e98 HidUsb - ok
10:04:56.0199 0x0e98 hkmsvc - ok
10:04:56.0202 0x0e98 HomeGroupListener - ok
10:04:56.0206 0x0e98 HomeGroupProvider - ok
10:04:56.0210 0x0e98 HP ProtectTools Service - ok
10:04:56.0214 0x0e98 HP Support Assistant Service - ok
10:04:56.0218 0x0e98 HP Wireless Assistant Service - ok
10:04:56.0222 0x0e98 HPDrvMntSvc.exe - ok
10:04:56.0226 0x0e98 hpdskflt - ok
10:04:56.0229 0x0e98 HpFkCryptService - ok
10:04:56.0233 0x0e98 HPFSService - ok
10:04:56.0237 0x0e98 hpHotkeyMonitor - ok
10:04:56.0241 0x0e98 HpqKbFiltr - ok
10:04:56.0245 0x0e98 hpqwmiex - ok
10:04:56.0248 0x0e98 HpSAMD - ok
10:04:56.0252 0x0e98 hpsrv - ok
10:04:56.0255 0x0e98 HTTP - ok
10:04:56.0259 0x0e98 huawei_cdcacm - ok
10:04:56.0263 0x0e98 huawei_enumerator - ok
10:04:56.0267 0x0e98 huawei_ext_ctrl - ok
10:04:56.0273 0x0e98 huawei_wwanecm - ok
10:04:56.0278 0x0e98 HWDeviceService64.exe - ok
10:04:56.0282 0x0e98 hwpolicy - ok
10:04:56.0288 0x0e98 i8042prt - ok
10:04:56.0292 0x0e98 iaStor - ok
10:04:56.0296 0x0e98 IAStorDataMgrSvc - ok
10:04:56.0300 0x0e98 iaStorV - ok
10:04:56.0305 0x0e98 idsvc - ok
10:04:56.0310 0x0e98 IEEtwCollectorService - ok
10:04:56.0314 0x0e98 iirsp - ok
10:04:56.0318 0x0e98 IKEEXT - ok
10:04:56.0323 0x0e98 intelide - ok
10:04:56.0327 0x0e98 intelppm - ok
10:04:56.0331 0x0e98 IPBusEnum - ok
10:04:56.0335 0x0e98 IpFilterDriver - ok
10:04:56.0339 0x0e98 iphlpsvc - ok
10:04:56.0344 0x0e98 IPMIDRV - ok
10:04:56.0347 0x0e98 IPNAT - ok
10:04:56.0351 0x0e98 IRENUM - ok
10:04:56.0354 0x0e98 isapnp - ok
10:04:56.0358 0x0e98 iScsiPrt - ok
10:04:56.0363 0x0e98 kbdclass - ok
10:04:56.0367 0x0e98 kbdhid - ok
10:04:56.0371 0x0e98 KeyIso - ok
10:04:56.0375 0x0e98 KSecDD - ok
10:04:56.0379 0x0e98 KSecPkg - ok
10:04:56.0382 0x0e98 ksthunk - ok
10:04:56.0386 0x0e98 KtmRm - ok
10:04:56.0391 0x0e98 LanmanServer - ok
10:04:56.0395 0x0e98 LanmanWorkstation - ok
10:04:56.0401 0x0e98 lltdio - ok
10:04:56.0406 0x0e98 lltdsvc - ok
10:04:56.0410 0x0e98 lmhosts - ok
10:04:56.0415 0x0e98 LMS - ok
10:04:56.0421 0x0e98 LSI_FC - ok
10:04:56.0425 0x0e98 LSI_SAS - ok
10:04:56.0429 0x0e98 LSI_SAS2 - ok
10:04:56.0433 0x0e98 LSI_SCSI - ok
10:04:56.0443 0x0e98 luafv - ok
10:04:56.0446 0x0e98 Mcx2Svc - ok
10:04:56.0450 0x0e98 megasas - ok
10:04:56.0454 0x0e98 MegaSR - ok
10:04:56.0459 0x0e98 Microsoft Office Groove Audit Service - ok
10:04:56.0463 0x0e98 MMCSS - ok
10:04:56.0466 0x0e98 Modem - ok
10:04:56.0470 0x0e98 monitor - ok
10:04:56.0476 0x0e98 mouclass - ok
10:04:56.0480 0x0e98 mouhid - ok
10:04:56.0484 0x0e98 mountmgr - ok
10:04:56.0488 0x0e98 MozillaMaintenance - ok
10:04:56.0492 0x0e98 mpio - ok
10:04:56.0497 0x0e98 mpsdrv - ok
10:04:56.0501 0x0e98 MpsSvc - ok
10:04:56.0505 0x0e98 MRxDAV - ok
10:04:56.0510 0x0e98 mrxsmb - ok
10:04:56.0514 0x0e98 mrxsmb10 - ok
10:04:56.0519 0x0e98 mrxsmb20 - ok
10:04:56.0524 0x0e98 msahci - ok
10:04:56.0528 0x0e98 msdsm - ok
10:04:56.0532 0x0e98 MSDTC - ok
10:04:56.0539 0x0e98 Msfs - ok
10:04:56.0544 0x0e98 mshidkmdf - ok
10:04:56.0548 0x0e98 msisadrv - ok
10:04:56.0552 0x0e98 MSiSCSI - ok
10:04:56.0556 0x0e98 msiserver - ok
10:04:56.0560 0x0e98 MSKSSRV - ok
10:04:56.0564 0x0e98 MSPCLOCK - ok
10:04:56.0569 0x0e98 MSPQM - ok
10:04:56.0573 0x0e98 MsRPC - ok
10:04:56.0579 0x0e98 mssmbios - ok
10:04:56.0584 0x0e98 MSTEE - ok
10:04:56.0588 0x0e98 MTConfig - ok
10:04:56.0592 0x0e98 Mup - ok
10:04:56.0596 0x0e98 napagent - ok
10:04:56.0601 0x0e98 NativeWifiP - ok
10:04:56.0605 0x0e98 NDIS - ok
10:04:56.0609 0x0e98 NdisCap - ok
10:04:56.0613 0x0e98 NdisTapi - ok
10:04:56.0618 0x0e98 Ndisuio - ok
10:04:56.0622 0x0e98 NdisWan - ok
10:04:56.0627 0x0e98 NDProxy - ok
10:04:56.0631 0x0e98 NetBIOS - ok
10:04:56.0636 0x0e98 NetBT - ok
10:04:56.0641 0x0e98 Netlogon - ok
10:04:56.0645 0x0e98 Netman - ok
10:04:56.0649 0x0e98 NetMsmqActivator - ok
10:04:56.0653 0x0e98 NetPipeActivator - ok
10:04:56.0658 0x0e98 netprofm - ok
10:04:56.0663 0x0e98 netr28x - ok
10:04:56.0667 0x0e98 NetTcpActivator - ok
10:04:56.0672 0x0e98 NetTcpPortSharing - ok
10:04:56.0676 0x0e98 nfrd960 - ok
10:04:56.0680 0x0e98 NlaSvc - ok
10:04:56.0684 0x0e98 Npfs - ok
10:04:56.0688 0x0e98 nsi - ok
10:04:56.0694 0x0e98 nsiproxy - ok
10:04:56.0700 0x0e98 Ntfs - ok
10:04:56.0705 0x0e98 Null - ok
10:04:56.0709 0x0e98 nvraid - ok
10:04:56.0714 0x0e98 nvstor - ok
10:04:56.0720 0x0e98 nv_agp - ok
10:04:56.0724 0x0e98 O2 Internet. RunOuc - ok
10:04:56.0729 0x0e98 odserv - ok
10:04:56.0733 0x0e98 ohci1394 - ok
10:04:56.0737 0x0e98 ose - ok
10:04:56.0744 0x0e98 p2pimsvc - ok
10:04:56.0749 0x0e98 p2psvc - ok
10:04:56.0755 0x0e98 Parport - ok
10:04:56.0762 0x0e98 partmgr - ok
10:04:56.0769 0x0e98 PcaSvc - ok
10:04:56.0775 0x0e98 pci - ok
10:04:56.0782 0x0e98 pciide - ok
10:04:56.0787 0x0e98 pcmcia - ok
10:04:56.0794 0x0e98 pcw - ok
10:04:56.0800 0x0e98 pdfcDispatcher - ok
10:04:56.0806 0x0e98 PEAUTH - ok
10:04:56.0815 0x0e98 PerfHost - ok
10:04:56.0826 0x0e98 pla - ok
10:04:56.0830 0x0e98 PlugPlay - ok
10:04:56.0834 0x0e98 PNRPAutoReg - ok
10:04:56.0839 0x0e98 PNRPsvc - ok
10:04:56.0844 0x0e98 PolicyAgent - ok
10:04:56.0851 0x0e98 Power - ok
10:04:56.0855 0x0e98 PptpMiniport - ok
10:04:56.0860 0x0e98 Processor - ok
10:04:56.0864 0x0e98 ProfSvc - ok
10:04:56.0869 0x0e98 ProtectedStorage - ok
10:04:56.0874 0x0e98 Psched - ok
10:04:56.0879 0x0e98 ql2300 - ok
10:04:56.0883 0x0e98 ql40xx - ok
10:04:56.0887 0x0e98 QWAVE - ok
10:04:56.0892 0x0e98 QWAVEdrv - ok
10:04:56.0896 0x0e98 RasAcd - ok
10:04:56.0901 0x0e98 RasAgileVpn - ok
10:04:56.0905 0x0e98 RasAuto - ok
10:04:56.0910 0x0e98 Rasl2tp - ok
10:04:56.0914 0x0e98 RasMan - ok
10:04:56.0918 0x0e98 RasPppoe - ok
10:04:56.0923 0x0e98 RasSstp - ok
10:04:56.0928 0x0e98 rdbss - ok
10:04:56.0933 0x0e98 rdpbus - ok
10:04:56.0937 0x0e98 RDPCDD - ok
10:04:56.0944 0x0e98 RDPENCDD - ok
10:04:56.0952 0x0e98 RDPREFMP - ok
10:04:56.0959 0x0e98 RdpVideoMiniport - ok
10:04:56.0964 0x0e98 RDPWD - ok
10:04:56.0968 0x0e98 rdyboost - ok
10:04:56.0973 0x0e98 RemoteAccess - ok
10:04:56.0978 0x0e98 RemoteRegistry - ok
10:04:56.0983 0x0e98 RFCOMM - ok
10:04:56.0988 0x0e98 RpcEptMapper - ok
10:04:56.0993 0x0e98 RpcLocator - ok
10:04:56.0998 0x0e98 RpcSs - ok
10:04:57.0003 0x0e98 rspndr - ok
10:04:57.0008 0x0e98 RSUSBSTOR - ok
10:04:57.0014 0x0e98 RsvLock - ok
10:04:57.0021 0x0e98 RTL8167 - ok
10:04:57.0026 0x0e98 rtsuvc - ok
10:04:57.0031 0x0e98 SamSs - ok
10:04:57.0036 0x0e98 sbp2port - ok
10:04:57.0041 0x0e98 SCardSvr - ok
10:04:57.0046 0x0e98 scfilter - ok
10:04:57.0052 0x0e98 Schedule - ok
10:04:57.0057 0x0e98 SCPolicySvc - ok
10:04:57.0062 0x0e98 SDRSVC - ok
10:04:57.0067 0x0e98 secdrv - ok
10:04:57.0073 0x0e98 seclogon - ok
10:04:57.0079 0x0e98 SENS - ok
10:04:57.0083 0x0e98 SensrSvc - ok
10:04:57.0088 0x0e98 Serenum - ok
10:04:57.0093 0x0e98 Serial - ok
10:04:57.0098 0x0e98 sermouse - ok
10:04:57.0112 0x0e98 SessionEnv - ok
10:04:57.0117 0x0e98 sffdisk - ok
10:04:57.0122 0x0e98 sffp_mmc - ok
10:04:57.0127 0x0e98 sffp_sd - ok
10:04:57.0132 0x0e98 sfloppy - ok
10:04:57.0139 0x0e98 SharedAccess - ok
10:04:57.0159 0x0e98 ShellHWDetection - ok
10:04:57.0164 0x0e98 SiSRaid2 - ok
10:04:57.0171 0x0e98 SiSRaid4 - ok
10:04:57.0176 0x0e98 Smb - ok
10:04:57.0187 0x0e98 SNMPTRAP - ok
10:04:57.0192 0x0e98 spldr - ok
10:04:57.0199 0x0e98 Spooler - ok
10:04:57.0204 0x0e98 sppsvc - ok
10:04:57.0209 0x0e98 sppuinotify - ok
10:04:57.0215 0x0e98 srv - ok
10:04:57.0221 0x0e98 srv2 - ok
10:04:57.0227 0x0e98 srvnet - ok
10:04:57.0232 0x0e98 ssadbus - ok
10:04:57.0236 0x0e98 ssadmdfl - ok
10:04:57.0241 0x0e98 ssadmdm - ok
10:04:57.0247 0x0e98 ssadserd - ok
10:04:57.0252 0x0e98 SSDPSRV - ok
10:04:57.0258 0x0e98 SstpSvc - ok
10:04:57.0263 0x0e98 STacSV - ok
10:04:57.0268 0x0e98 stexstor - ok
10:04:57.0273 0x0e98 STHDA - ok
10:04:57.0278 0x0e98 stisvc - ok
10:04:57.0283 0x0e98 swenum - ok
10:04:57.0289 0x0e98 swprv - ok
10:04:57.0295 0x0e98 SynTP - ok
10:04:57.0300 0x0e98 SysMain - ok
10:04:57.0305 0x0e98 TabletInputService - ok
10:04:57.0311 0x0e98 TapiSrv - ok
10:04:57.0318 0x0e98 TBS - ok
10:04:57.0324 0x0e98 Tcpip - ok
10:04:57.0883 0x0e98 ================ Scan global ===============================
10:04:57.0884 0x0e98 [ Global ] - ok
10:04:57.0885 0x0e98 ================ Scan MBR ==================================
10:04:57.0895 0x0e98 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:04:58.0293 0x0e98 \Device\Harddisk0\DR0 - ok
10:04:58.0293 0x0e98 ================ Scan VBR ==================================
10:04:58.0293 0x0e98 ================ Scan generic autorun ======================
10:04:58.0294 0x0e98 HPWirelessAssistant - ok
10:04:58.0296 0x0e98 SynTPEnh - ok
10:04:58.0299 0x0e98 SysTrayApp - ok
10:04:58.0302 0x0e98 Logitech Download Assistant - ok
10:04:58.0305 0x0e98 StartCCC - ok
10:04:58.0308 0x0e98 IAStorIcon - ok
10:04:58.0311 0x0e98 DTRun - ok
10:04:58.0313 0x0e98 AvastUI.exe - ok
10:04:58.0316 0x0e98 APSDaemon - ok
10:04:58.0319 0x0e98 QLBController - ok
10:04:58.0321 0x0e98 ISUSScheduler - ok
10:04:58.0324 0x0e98 Sidebar - ok
10:04:58.0327 0x0e98 ISUSPM Startup - ok
10:04:58.0329 0x0e98 uTorrent - ok
10:04:58.0365 0x0e98 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2218.942 ), 0x41000 ( enabled : updated )
10:04:58.0402 0x0e98 Win FW state via NFP2: enabled
10:05:01.0123 0x0e98 ============================================================
10:05:01.0123 0x0e98 Scan finished
10:05:01.0123 0x0e98 ============================================================
10:05:01.0138 0x1028 Detected object count: 0
10:05:01.0138 0x1028 Actual detected object count: 0
10:06:35.0806 0x0ec8 Deinitialize success

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log.

#21 Post by Márty84 »

This one is OK. Now the second one as well :)

If you have a question that is not meant for the public, you can e-mail me at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For lack of time I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

karolinka
Visitor
Posts: 31
Registered: 02 Nov 2010 09:31

Re: Please check my log.

#22 Post by karolinka »

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17801

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED, F:\ DRIVE_FIXED, I:\ DRIVE_FIXED
CPU speed: 2.660000 GHz
Memory total: 4143374336, free: 2061070336

Downloaded database version: v2015.05.22.06
Downloaded database version: v2015.05.16.01
Downloaded database version: v2015.05.13.01
Initializing...
======================
------------ Kernel report ------------
05/23/2015 10:10:59
------------ Loaded modules -----------
----------- End -----------
Done!

Scan started
Database versions:
main: v2015.05.22.06
rootkit: v2015.05.16.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8004d2d060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8004d2fb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8004d2f040, DeviceName: Unknown, DriverName: \Driver\SafeBoot\
DevicePointer: 0xfffffa8004d2d060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8004bc8b10, DeviceName: Unknown, DriverName: \Driver\hpdskflt\
DevicePointer: 0xfffffa8004aca1e0, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8004acf050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: Unknown, DriverName: \Driver\SafeBoot\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
File user open failed: C:\WINDOWS\SYSTEM32\drivers\SafeBoot.sys (0x00000020)
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: B7E4A3E6

Partition information:

Partition 0 type is Dynamic (0x42)
Partition is NOT ACTIVE.
Partition starts at LBA: 63 Numsec = 1985

Partition 1 type is Dynamic (0x42)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 614400
Partition file system is NTFS
Partition is bootable

Partition 2 type is Dynamic (0x42)
Partition is NOT ACTIVE.
Partition starts at LBA: 616448 Numsec = 479469568

Partition 3 type is Dynamic (0x42)
Partition is NOT ACTIVE.
Partition starts at LBA: 480086016 Numsec = 496685104

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Done!
File "C:\ProgramData\AVAST Software\Avast\log\AvastSvc.log" is compressed (flags = 1)
File "C:\ProgramData\AVAST Software\Avast\log\AvastUI.log" is compressed (flags = 1)
File "C:\ProgramData\AVAST Software\Avast\log\CommChannel.Protocol.log" is compressed (flags = 1)
File "C:\ProgramData\AVAST Software\Avast\log\Grimefighter.log" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-15570AE4C9F78CCB0CD6DE2FAE30417E70EA6906.bin.VF" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-15570AE4C9F78CCB0CD6DE2FAE30417E70EA6906.bin.VE1" is compressed (flags = 1)
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17801

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED, F:\ DRIVE_FIXED, I:\ DRIVE_FIXED
CPU speed: 2.660000 GHz
Memory total: 4143374336, free: 1755238400

=======================================
Initializing...
------------ Kernel report ------------
05/23/2015 10:27:55
------------ Loaded modules -----------
----------- End -----------
Done!

Scan started
Database versions:
main: v2014.11.18.05
rootkit: v2014.11.12.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8004d2d060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8004d2fb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8004d2f040, DeviceName: Unknown, DriverName: \Driver\SafeBoot\
DevicePointer: 0xfffffa8004d2d060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8004bc8b10, DeviceName: Unknown, DriverName: \Driver\hpdskflt\
DevicePointer: 0xfffffa8004aca1e0, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8004acf050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: Unknown, DriverName: \Driver\SafeBoot\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
File user open failed: C:\WINDOWS\SYSTEM32\drivers\SafeBoot.sys (0x00000020)
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: B7E4A3E6

Partition information:

Partition 0 type is Dynamic (0x42)
Partition is NOT ACTIVE.
Partition starts at LBA: 63 Numsec = 1985

Partition 1 type is Dynamic (0x42)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 614400
Partition file system is NTFS
Partition is bootable

Partition 2 type is Dynamic (0x42)
Partition is NOT ACTIVE.
Partition starts at LBA: 616448 Numsec = 479469568

Partition 3 type is Dynamic (0x42)
Partition is NOT ACTIVE.
Partition starts at LBA: 480086016 Numsec = 496685104

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Done!
Scan Interrupted
Scan was aborted.
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log.

#23 Post by Márty84 »

:!: Run all of these programs, including any installers, as administrator (right-click them and choose Run as administrator).

:arrow: Rename ComboFix to Uninstall and run it. CF should uninstall itself.

:arrow:
vyosek wrote: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the Remove disinfection tools option ticked
  • Click Run
:arrow: Download CCleaner http://www.filehippo.com/download_ccleaner and run it.
During installation, watch out for the toolbar (or other add-ons); if it offers to install one, untick the box.
After launch you land in the Cleaner function. On the left there are many checkboxes. Pay particular attention to the Recycle Bin: if you leave it ticked, it is emptied every time.
Also, depending on how it is set up, it deletes all passwords saved on the web!!! So if you have the computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. mail, Facebook, various forums, etc.)
Click Analyze and, once the analysis finishes, click Run Cleaner.
Then click the Registry function on the left.
Click Scan for Issues; when it finds some, click Fix issues. It will offer you a backup; make it and save it somewhere you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!
(If the PC has several user accounts, use the program in each of them as well.)

:arrow: Defragment the disk(s) (not SSD drives!)
Download Defraggler https://www.piriform.com/defraggler/download/standard
During installation, again watch out for the toolbar and other junk.
After installing, run the program and click Analyze; after the analysis click Defrag, and the tool will do its job.

:arrow: Then write how the PC is doing.

:arrow: Check whether those windows also appear in Safe Mode.

karolinka
Visitor
Posts: 31
Registered: 02 Nov 2010 09:31

Re: Please check my log.

#24 Post by karolinka »

So nothing has changed, it still keeps popping up :-(

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log.

#25 Post by Márty84 »

I already asked about this, but I don't know whether you answered. Does it pop up in Safe Mode too?

karolinka
Visitor
Posts: 31
Registered: 02 Nov 2010 09:31

Re: Please check my log.

#26 Post by karolinka »

It looks like it doesn't. I was in there for about 10 min. and nothing. And after starting in normal mode it pops up right away :-(

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log.

#27 Post by Márty84 »

It won't be malware; something legitimate will be causing it.

Post a new FRST log.

18.7. for inactivity :lock: http://forum.viry.cz/viewtopic.php?f=12&t=123975

Locked