Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zaplňování systémového disku
Moderátor: Moderátoři
Zaplňování systémového disku
Zdravím, z důvodů nedostatku místa jsem provedl změnu velikosti systémového disku. V krátké době dochází opět k zaplňování. Zdá se mï, že neúměrně narůstá tato složka C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast\arpot. Složka arpot obsahuje složku TEMP a cca stovku souborů configuration settings a file, složka TEMP obsahuje 22 000 těchto souborů. Velikost složky TEMP je 3,2GB. Je možné odstranit soubory ze složky TEMP? Díky za jakékoliv info.
-
Rudy
- Site Admin
- Příspěvky: 119405
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zaplňování systémového disku
Obsah všch složek, které se jmenují "Temp" a které v PC máte, můžete smazat. PC vyčistěte CCleanerem: http://www.viry.cz/forum/viewtopic.php?f=46&t=7478 a pro jistotu ještě dejte log z RSIT: http://www.viry.cz/forum/viewtopic.php?f=13&t=105895 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zaplňování systémového disku
Díky za info. Při mazání CCleanerem soubory ze složky TEMP smazány nebyly. Zatím posílám posílám log z RSIT (když tak to smažu přímo) :
Logfile of random's system information tool 1.08 (written by random/random)
Run by mirek at 2011-06-15 09:30:38
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 3 GB (27%) free of 12 GB
Total RAM: 2047 MB (74% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:31:03, on 15.6.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\PROGRAMY\NERO\Nero 7\InCD\InCDsrv.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
D:\PROGRAMY\Adobe\Reader\AcroRd32Info.exe
D:\STAHOVÁNÍ\RSIT.exe
C:\Program Files\trend micro\mirek.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\hbrch.dll/sp.html#90144
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.netopyr.net:3128
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\PROGRAMY\Adobe\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {538EC479-940F-6ECF-F256-A2FBF6BF035B} - (no file)
O2 - BHO: (no name) - {5995C47D-F9B6-0A92-9DDA-87369B5A49CE} - (no file)
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - (no file)
O2 - BHO: (no name) - {75B83DE1-EE63-9125-A5C5-B6C6535B830E} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {96D016D9-0CE7-EA14-F994-F6F457061D30} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] D:\PROGRAMY\AVG\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] D:\PROGRAMY\AVG\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\PROGRAMY\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://D:\MSOFFI~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint - Náhled - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Přidat na seznam k tisku - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint - Tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Vysokorychlostní tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\WINDOWS\System32\shdocvw.dll (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{541C8998-DF5F-4CFB-8075-C28060B32032}: NameServer = 62.129.50.20,85.135.32.100
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\PROGRAMY\NERO\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 6703 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\czlnfz.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - D:\PROGRAMY\Adobe\ActiveX\AcroIEHelper.dll [2005-09-24 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{538EC479-940F-6ECF-F256-A2FBF6BF035B}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5995C47D-F9B6-0A92-9DDA-87369B5A49CE}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75B83DE1-EE63-9125-A5C5-B6C6535B830E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2009-02-07 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96D016D9-0CE7-EA14-F994-F6F457061D30}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-07 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-07 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Zone Labs Client"=C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe [2004-02-17 693528]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-02-23 3451496]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_EMC]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_RegCleaner]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe [2005-12-16 94208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C-Media Mixer]
Mixer.exe /startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GhostStartTrayApp]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveMonitor]
C:\Program Files\MSI\Live Update 3\LMonitor.exe [2007-01-17 496640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MagicKey]
C:\PROGRA~1\MEDIAK~1\MagicKey.exe [2004-03-15 45056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MagicRotation]
C:\Program Files\MagicRotation\MagicPvt.exe [2005-06-03 1089536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
D:\PROGRAMY\Canon\Omni Page\OpwareSE4.exe [2006-03-21 69632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RivaTunerStartupDaemon]
C:\Program Files\RivaTuner v2.0 RC 15.3 New Year Edition\RivaTuner.exe [2004-12-28 2060288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2004-11-15 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-09-30 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sysgp.exe]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\syskz32.exe]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
D:\PROGRAMY\Adobe\Reader\READER~1.EXE [2005-09-24 29696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Color Calibration.lnk]
C:\PROGRA~1\SEC\MAGICT~1.6_C\GAMMAT~1.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^CoreCenter.lnk]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MagicTune3.6.lnk]
C:\PROGRA~1\SEC\MAGICT~1.6_C\MAGICT~2.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^mirek^Start Menu^Programs^Startup^up.exe]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ERSvc"=2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoResolveSearch"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"D:\uTorrent\utorrent.exe"="D:\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"D:\PROGRAMY\Skype\Phone\Skype.exe"="D:\PROGRAMY\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2011-06-15 09:30:41 ----D---- C:\Program Files\trend micro
2011-06-15 09:30:38 ----D---- C:\rsit
2011-06-14 16:55:25 ----D---- C:\Documents and Settings\mirek\Application Data\SpaceMonger
2011-06-14 16:55:24 ----D---- C:\Program Files\SpaceMonger
2011-06-07 20:15:33 ----HDC---- C:\WINDOWS\$NtUninstallWudf01009$
2011-06-07 20:13:33 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2011-06-07 20:11:06 ----D---- C:\Documents and Settings\All Users\Application Data\NokiaAccount
2011-06-07 19:56:52 ----D---- C:\Program Files\DIFX
2011-06-07 19:56:50 ----A---- C:\WINDOWS\system32\drivers\pccsmcfd.sys
2011-06-07 19:56:32 ----D---- C:\Program Files\PC Connectivity Solution
2011-06-07 19:55:00 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2011-06-07 19:55:00 ----A---- C:\WINDOWS\system32\ccdcmbwu.dll
2011-06-07 14:56:21 ----N---- C:\WINDOWS\system32\spmsg.dll
2011-06-07 14:55:57 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$
2011-06-07 14:54:24 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2011-06-07 14:52:27 ----D---- C:\WINDOWS\system32\LogFiles
2011-06-07 14:52:27 ----D---- C:\WINDOWS\system32\drivers\UMDF
2011-06-07 14:51:54 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2011-06-07 14:47:46 ----D---- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
======List of files/folders modified in the last 1 months======
2011-06-15 09:30:41 ----D---- C:\Program Files
2011-06-15 09:30:38 ----D---- C:\WINDOWS\Internet Logs
2011-06-15 09:28:21 ----HD---- C:\WINDOWS\Temp
2011-06-15 09:28:21 ----D---- C:\WINDOWS
2011-06-14 18:04:01 ----D---- C:\WINDOWS\system32\CatRoot2
2011-06-14 16:56:53 ----SHD---- C:\WINDOWS\Installer
2011-06-14 16:56:53 ----HD---- C:\Config.Msi
2011-06-14 16:55:38 ----AD---- C:\WINDOWS\system32
2011-06-14 16:49:41 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-06-14 16:36:12 ----A---- C:\WINDOWS\wincmd.ini
2011-06-13 09:52:42 ----A---- C:\WINDOWS\NeroDigital.ini
2011-06-12 19:45:01 ----A---- C:\WINDOWS\win.ini
2011-06-08 19:46:28 ----D---- C:\WINDOWS\Prefetch
2011-06-08 17:27:21 ----D---- C:\WINDOWS\WinSxS
2011-06-08 17:27:21 ----D---- C:\Program Files\Common Files\Nokia
2011-06-08 17:13:29 ----D---- C:\WINDOWS\system32\config
2011-06-08 17:12:24 ----D---- C:\WINDOWS\system32\wbem
2011-06-08 17:12:21 ----D---- C:\WINDOWS\Registration
2011-06-07 20:16:14 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2011-06-07 20:16:13 ----D---- C:\WINDOWS\system32\drivers
2011-06-07 20:16:05 ----HD---- C:\WINDOWS\inf
2011-06-07 20:14:57 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
2011-06-07 20:04:53 ----D---- C:\Documents and Settings\All Users\Application Data\OviInstallerCache
2011-06-07 19:57:04 ----D---- C:\Program Files\Nokia
2011-06-07 19:56:50 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-06-07 19:15:31 ----D---- C:\WINDOWS\AppPatch
2011-06-07 14:56:25 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-06-07 14:55:06 ----D---- C:\Program Files\Windows Media Player
2011-06-02 14:32:33 ----AC---- C:\WINDOWS\Marias.ini
2011-05-25 12:13:34 ----D---- C:\Documents and Settings\mirek\Application Data\Nokia
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 a347bus;a347bus; C:\WINDOWS\System32\DRIVERS\a347bus.sys [2004-04-30 160640]
R0 a347scsi;a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys [2004-04-30 5248]
R0 agp440;Intel AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\agp440.sys [2004-08-03 42368]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\WINDOWS\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2006-07-10 27032]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2007-01-12 82296]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-02-23 30680]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-02-23 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-02-23 371544]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-02-23 301528]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-02-23 49240]
R1 ATITool;ATITool; \??\C:\Program Files\ATITool\ATITool.sys []
R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2005-10-14 29440]
R1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2005-10-14 22016]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-03 36096]
R1 magicpvt;magicpvt; C:\WINDOWS\system32\drivers\magicpvt.sys [2005-05-13 9728]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R2 aslm75;aslm75; \??\C:\WINDOWS\system32\drivers\aslm75.sys []
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2002-08-15 17005]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-02-23 19544]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-02-23 102232]
R2 vsdatant;vsdatant; \??\C:\WINDOWS\System32\vsdatant.sys []
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2004-08-03 701440]
R3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2002-03-01 373518]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-18 5888]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-10-15 71168]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2004-04-14 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2004-04-14 44064]
R4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2005-10-14 101760]
S1 Avg7Core;AVG7 Kernel; C:\WINDOWS\System32\Drivers\avg7core.sys []
S1 Avg7RsW;AVG7 Wrap Driver; C:\WINDOWS\System32\Drivers\avg7rsw.sys []
S1 Avg7RsXP;AVG7 Rezident Driver; C:\WINDOWS\System32\Drivers\avg7rsxp.sys []
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2004-08-03 14848]
S3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-11-17 2297664]
S3 BCM43XX;ASUS 802.11 ovladač síťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2005-02-11 371712]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\system32\epmntdrv.sys []
S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\system32\EuGdiDrv.sys []
S3 GMSIPCI;GMSIPCI; \??\I:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2006-10-26 15440]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-12-15 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-12-15 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-12-15 21744]
S3 IRIMAGER;Fluke Ti30, IR-Imager USB Driver (irimager.sys); C:\WINDOWS\System32\Drivers\irimager.sys []
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys []
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys []
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys []
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys []
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys []
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys []
S3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-12-02 18304]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-12-02 23168]
S3 PCAlertDriver;PCAlertDriver; \??\C:\Program Files\MSI\Core Center\NTGLM7X.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-06-17 47360]
S3 RivaTunerEx;RivaTunerEx; \??\C:\Program Files\RivaTuner v2.0 RC 15.3 New Year Edition\RivaTunerEx.sys []
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 RushTopDevice;RushTopDevice; \??\C:\Program Files\MSI\Core Center\RushTop.sys []
S3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-12-02 8192]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-03 25600]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-12-02 8192]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WmFilter;Logitech WingMan HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2004-04-14 21280]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2004-04-14 5600]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter; C:\WINDOWS\System32\DRIVERS\yukonwxp.sys [2003-10-23 174336]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-02-23 42184]
R2 InCDsrv;InCD Helper; D:\PROGRAMY\NERO\Nero 7\InCD\InCDsrv.exe [2005-10-14 670208]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-02-07 152984]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-05-15 376832]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2004-05-15 516096]
S2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2004-02-17 824592]
S2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-03-21 632832]
-----------------EOF-----------------
Logfile of random's system information tool 1.08 (written by random/random)
Run by mirek at 2011-06-15 09:30:38
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 3 GB (27%) free of 12 GB
Total RAM: 2047 MB (74% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:31:03, on 15.6.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\PROGRAMY\NERO\Nero 7\InCD\InCDsrv.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
D:\PROGRAMY\Adobe\Reader\AcroRd32Info.exe
D:\STAHOVÁNÍ\RSIT.exe
C:\Program Files\trend micro\mirek.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\hbrch.dll/sp.html#90144
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.netopyr.net:3128
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\PROGRAMY\Adobe\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {538EC479-940F-6ECF-F256-A2FBF6BF035B} - (no file)
O2 - BHO: (no name) - {5995C47D-F9B6-0A92-9DDA-87369B5A49CE} - (no file)
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - (no file)
O2 - BHO: (no name) - {75B83DE1-EE63-9125-A5C5-B6C6535B830E} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {96D016D9-0CE7-EA14-F994-F6F457061D30} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] D:\PROGRAMY\AVG\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] D:\PROGRAMY\AVG\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\PROGRAMY\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://D:\MSOFFI~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint - Náhled - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Přidat na seznam k tisku - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint - Tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Vysokorychlostní tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\WINDOWS\System32\shdocvw.dll (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{541C8998-DF5F-4CFB-8075-C28060B32032}: NameServer = 62.129.50.20,85.135.32.100
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\PROGRAMY\NERO\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 6703 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\czlnfz.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - D:\PROGRAMY\Adobe\ActiveX\AcroIEHelper.dll [2005-09-24 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{538EC479-940F-6ECF-F256-A2FBF6BF035B}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5995C47D-F9B6-0A92-9DDA-87369B5A49CE}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75B83DE1-EE63-9125-A5C5-B6C6535B830E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2009-02-07 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96D016D9-0CE7-EA14-F994-F6F457061D30}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-07 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-07 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Zone Labs Client"=C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe [2004-02-17 693528]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-02-23 3451496]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_EMC]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_RegCleaner]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe [2005-12-16 94208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C-Media Mixer]
Mixer.exe /startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GhostStartTrayApp]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveMonitor]
C:\Program Files\MSI\Live Update 3\LMonitor.exe [2007-01-17 496640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MagicKey]
C:\PROGRA~1\MEDIAK~1\MagicKey.exe [2004-03-15 45056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MagicRotation]
C:\Program Files\MagicRotation\MagicPvt.exe [2005-06-03 1089536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
D:\PROGRAMY\Canon\Omni Page\OpwareSE4.exe [2006-03-21 69632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RivaTunerStartupDaemon]
C:\Program Files\RivaTuner v2.0 RC 15.3 New Year Edition\RivaTuner.exe [2004-12-28 2060288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2004-11-15 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-09-30 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sysgp.exe]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\syskz32.exe]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
D:\PROGRAMY\Adobe\Reader\READER~1.EXE [2005-09-24 29696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Color Calibration.lnk]
C:\PROGRA~1\SEC\MAGICT~1.6_C\GAMMAT~1.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^CoreCenter.lnk]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MagicTune3.6.lnk]
C:\PROGRA~1\SEC\MAGICT~1.6_C\MAGICT~2.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^mirek^Start Menu^Programs^Startup^up.exe]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ERSvc"=2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoResolveSearch"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"D:\uTorrent\utorrent.exe"="D:\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"D:\PROGRAMY\Skype\Phone\Skype.exe"="D:\PROGRAMY\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2011-06-15 09:30:41 ----D---- C:\Program Files\trend micro
2011-06-15 09:30:38 ----D---- C:\rsit
2011-06-14 16:55:25 ----D---- C:\Documents and Settings\mirek\Application Data\SpaceMonger
2011-06-14 16:55:24 ----D---- C:\Program Files\SpaceMonger
2011-06-07 20:15:33 ----HDC---- C:\WINDOWS\$NtUninstallWudf01009$
2011-06-07 20:13:33 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2011-06-07 20:11:06 ----D---- C:\Documents and Settings\All Users\Application Data\NokiaAccount
2011-06-07 19:56:52 ----D---- C:\Program Files\DIFX
2011-06-07 19:56:50 ----A---- C:\WINDOWS\system32\drivers\pccsmcfd.sys
2011-06-07 19:56:32 ----D---- C:\Program Files\PC Connectivity Solution
2011-06-07 19:55:00 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2011-06-07 19:55:00 ----A---- C:\WINDOWS\system32\ccdcmbwu.dll
2011-06-07 14:56:21 ----N---- C:\WINDOWS\system32\spmsg.dll
2011-06-07 14:55:57 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$
2011-06-07 14:54:24 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2011-06-07 14:52:27 ----D---- C:\WINDOWS\system32\LogFiles
2011-06-07 14:52:27 ----D---- C:\WINDOWS\system32\drivers\UMDF
2011-06-07 14:51:54 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2011-06-07 14:47:46 ----D---- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
======List of files/folders modified in the last 1 months======
2011-06-15 09:30:41 ----D---- C:\Program Files
2011-06-15 09:30:38 ----D---- C:\WINDOWS\Internet Logs
2011-06-15 09:28:21 ----HD---- C:\WINDOWS\Temp
2011-06-15 09:28:21 ----D---- C:\WINDOWS
2011-06-14 18:04:01 ----D---- C:\WINDOWS\system32\CatRoot2
2011-06-14 16:56:53 ----SHD---- C:\WINDOWS\Installer
2011-06-14 16:56:53 ----HD---- C:\Config.Msi
2011-06-14 16:55:38 ----AD---- C:\WINDOWS\system32
2011-06-14 16:49:41 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-06-14 16:36:12 ----A---- C:\WINDOWS\wincmd.ini
2011-06-13 09:52:42 ----A---- C:\WINDOWS\NeroDigital.ini
2011-06-12 19:45:01 ----A---- C:\WINDOWS\win.ini
2011-06-08 19:46:28 ----D---- C:\WINDOWS\Prefetch
2011-06-08 17:27:21 ----D---- C:\WINDOWS\WinSxS
2011-06-08 17:27:21 ----D---- C:\Program Files\Common Files\Nokia
2011-06-08 17:13:29 ----D---- C:\WINDOWS\system32\config
2011-06-08 17:12:24 ----D---- C:\WINDOWS\system32\wbem
2011-06-08 17:12:21 ----D---- C:\WINDOWS\Registration
2011-06-07 20:16:14 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2011-06-07 20:16:13 ----D---- C:\WINDOWS\system32\drivers
2011-06-07 20:16:05 ----HD---- C:\WINDOWS\inf
2011-06-07 20:14:57 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
2011-06-07 20:04:53 ----D---- C:\Documents and Settings\All Users\Application Data\OviInstallerCache
2011-06-07 19:57:04 ----D---- C:\Program Files\Nokia
2011-06-07 19:56:50 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-06-07 19:15:31 ----D---- C:\WINDOWS\AppPatch
2011-06-07 14:56:25 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-06-07 14:55:06 ----D---- C:\Program Files\Windows Media Player
2011-06-02 14:32:33 ----AC---- C:\WINDOWS\Marias.ini
2011-05-25 12:13:34 ----D---- C:\Documents and Settings\mirek\Application Data\Nokia
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 a347bus;a347bus; C:\WINDOWS\System32\DRIVERS\a347bus.sys [2004-04-30 160640]
R0 a347scsi;a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys [2004-04-30 5248]
R0 agp440;Intel AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\agp440.sys [2004-08-03 42368]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\WINDOWS\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2006-07-10 27032]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2007-01-12 82296]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-02-23 30680]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-02-23 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-02-23 371544]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-02-23 301528]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-02-23 49240]
R1 ATITool;ATITool; \??\C:\Program Files\ATITool\ATITool.sys []
R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2005-10-14 29440]
R1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2005-10-14 22016]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-03 36096]
R1 magicpvt;magicpvt; C:\WINDOWS\system32\drivers\magicpvt.sys [2005-05-13 9728]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R2 aslm75;aslm75; \??\C:\WINDOWS\system32\drivers\aslm75.sys []
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2002-08-15 17005]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-02-23 19544]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-02-23 102232]
R2 vsdatant;vsdatant; \??\C:\WINDOWS\System32\vsdatant.sys []
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2004-08-03 701440]
R3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2002-03-01 373518]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-18 5888]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-10-15 71168]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2004-04-14 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2004-04-14 44064]
R4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2005-10-14 101760]
S1 Avg7Core;AVG7 Kernel; C:\WINDOWS\System32\Drivers\avg7core.sys []
S1 Avg7RsW;AVG7 Wrap Driver; C:\WINDOWS\System32\Drivers\avg7rsw.sys []
S1 Avg7RsXP;AVG7 Rezident Driver; C:\WINDOWS\System32\Drivers\avg7rsxp.sys []
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2004-08-03 14848]
S3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-11-17 2297664]
S3 BCM43XX;ASUS 802.11 ovladač síťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2005-02-11 371712]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\system32\epmntdrv.sys []
S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\system32\EuGdiDrv.sys []
S3 GMSIPCI;GMSIPCI; \??\I:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2006-10-26 15440]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-12-15 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-12-15 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-12-15 21744]
S3 IRIMAGER;Fluke Ti30, IR-Imager USB Driver (irimager.sys); C:\WINDOWS\System32\Drivers\irimager.sys []
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys []
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys []
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys []
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys []
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys []
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys []
S3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-12-02 18304]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-12-02 23168]
S3 PCAlertDriver;PCAlertDriver; \??\C:\Program Files\MSI\Core Center\NTGLM7X.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-06-17 47360]
S3 RivaTunerEx;RivaTunerEx; \??\C:\Program Files\RivaTuner v2.0 RC 15.3 New Year Edition\RivaTunerEx.sys []
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 RushTopDevice;RushTopDevice; \??\C:\Program Files\MSI\Core Center\RushTop.sys []
S3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-12-02 8192]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-03 25600]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-12-02 8192]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WmFilter;Logitech WingMan HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2004-04-14 21280]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2004-04-14 5600]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter; C:\WINDOWS\System32\DRIVERS\yukonwxp.sys [2003-10-23 174336]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-02-23 42184]
R2 InCDsrv;InCD Helper; D:\PROGRAMY\NERO\Nero 7\InCD\InCDsrv.exe [2005-10-14 670208]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-02-07 152984]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-05-15 376832]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2004-05-15 516096]
S2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2004-02-17 824592]
S2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-03-21 632832]
-----------------EOF-----------------
Re: Zaplňování systémového disku
zaskocim:
Presun ComboFix
na plochu (ak tam este nie je)
otvor si Poznamkovy blok - notepad
do neho zkopiruj skript z nasledujiceho okna:
uloz vytvoreny textovy soubor ako CFScript.txt na plochu
po ulozeni uchop vytvoreny skript lavym tlacitkom mysi a presun ho nad ikonu Combofixu, nad nim skript upust:
po aplikacii by mal vzniknut dalsi log, ten vloz sem
Presun ComboFix
na plochu (ak tam este nie je)
otvor si Poznamkovy blok - notepad
do neho zkopiruj skript z nasledujiceho okna:
Kód: Vybrat vše
Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sysgp.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\syskz32.exe]
po ulozeni uchop vytvoreny skript lavym tlacitkom mysi a presun ho nad ikonu Combofixu, nad nim skript upust:
po aplikacii by mal vzniknut dalsi log, ten vloz sem
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Zaplňování systémového disku
posílám log z ComboFixu
ComboFix 11-06-14.03 - mirek 15.06.2011 15:35:24.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1033.18.2047.1658 [GMT 2:00]
Spuštěný z: c:\documents and settings\mirek\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\mirek\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\audiograbber\audiograbber.exe
C:\autorun.inf
c:\documents and settings\mirek\WINDOWS
c:\program files\myglobalsearch
c:\program files\myglobalsearch\bar\1.bin\M9FFXTBR.JAR
c:\program files\myglobalsearch\bar\1.bin\M9NTSTBR.JAR
c:\program files\myglobalsearch\bar\Cache\00662D2A.bin
c:\program files\myglobalsearch\bar\Cache\00663A0B.bin
c:\program files\myglobalsearch\bar\Cache\00663C0E.bin
c:\program files\myglobalsearch\bar\Cache\00C217DD
c:\program files\myglobalsearch\bar\Cache\files.ini
c:\program files\myglobalsearch\bar\History\search
c:\program files\myglobalsearch\bar\Settings\prevcfg.htm
c:\windows\IsUn0405.exe
c:\windows\system32\driver.dat
c:\windows\system32\nmdfgds1.dll
D:\Autorun.inf
E:\Autorun.inf
F:\autorun.inf
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-15 do 2011-06-15 )))))))))))))))))))))))))))))))
.
.
2011-06-15 07:30 . 2011-06-15 07:31 -------- d-----w- c:\program files\trend micro
2011-06-15 07:30 . 2011-06-15 07:31 -------- d-----w- C:\rsit
2011-06-14 14:55 . 2011-06-14 14:55 -------- d-----w- c:\documents and settings\mirek\Application Data\SpaceMonger
2011-06-14 14:55 . 2011-06-14 14:55 -------- d-----w- c:\program files\SpaceMonger
2011-06-08 15:12 . 2011-06-08 15:12 -------- d-----w- c:\windows\system32\wbem\Repository
2011-06-07 18:11 . 2011-06-08 15:26 -------- d-----w- c:\documents and settings\All Users\Application Data\NokiaAccount
2011-06-07 18:04 . 2011-06-07 18:05 -------- d-----w- c:\documents and settings\mirek\Local Settings\Application Data\Nokia
2011-06-07 17:56 . 2011-06-07 17:56 -------- d-----w- c:\program files\DIFX
2011-06-07 17:56 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2011-06-07 17:56 . 2011-06-07 17:56 -------- d-----w- c:\program files\PC Connectivity Solution
2011-06-07 17:55 . 2010-12-02 13:14 113152 ----a-w- c:\windows\system32\ccdcmbwu.dll
2011-06-07 17:55 . 2010-12-02 11:36 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2011-06-07 12:52 . 2011-06-08 17:46 -------- d-----w- c:\windows\system32\LogFiles
2011-06-07 12:52 . 2011-06-08 10:20 -------- d-----w- c:\windows\system32\drivers\UMDF
2011-06-07 12:47 . 2011-06-07 12:47 -------- d-----w- c:\documents and settings\All Users\Application Data\NokiaInstallerCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-14 16:38 . 2011-05-03 15:49 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2004-08-03 20:59 . !HASH: COULD NOT OPEN FILE !!!!! . 95360 . . [------] . . c:\windows\system32\drivers\atapi.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 15:04 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Zone Labs Client"="c:\progra~1\ZONELA~1\ZONEAL~1\zlclient.exe" [2004-02-17 693528]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-03 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2004-08-03 53760]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Color Calibration.lnk]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^CoreCenter.lnk]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MagicTune3.6.lnk]
.
[HKLM\~\startupfolder\C:^Documents and Settings^mirek^Start Menu^Programs^Startup^up.exe]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_EMC
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_RegCleaner
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GhostStartTrayApp
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2005-12-16 10:57 94208 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C-Media Mixer]
2002-03-04 03:02 1454080 -c--a-w- c:\windows\mixer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveMonitor]
2007-01-17 15:01 496640 -c----w- c:\program files\MSI\Live Update 3\LMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MagicKey]
2004-03-15 12:27 45056 -c--a-w- c:\progra~1\MEDIAK~1\MagicKey.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MagicRotation]
2005-06-03 14:34 1089536 -c--a-w- c:\program files\MagicRotation\MagicPvt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
2006-03-21 11:19 69632 ----a-w- d:\programy\Canon\Omni Page\OpWareSE4.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RivaTunerStartupDaemon]
2004-12-28 08:35 2060288 ----a-w- c:\program files\RivaTuner v2.0 RC 15.3 New Year Edition\RivaTuner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2004-11-15 10:20 77824 -c--a-w- c:\windows\SOUNDMAN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2003-09-29 22:14 155648 -c--a-r- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ERSvc"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"d:\\uTorrent\\utorrent.exe"=
"d:\\PROGRAMY\\Skype\\Phone\\Skype.exe"=
.
R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [20.2.2005 0:43 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [20.2.2005 0:43 5248]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 14:46 63352]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [14.3.2011 18:48 371544]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [5.4.2008 8:31 301528]
R1 magicpvt;magicpvt;c:\windows\system32\drivers\magicpvt.sys [30.5.2006 21:48 9728]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [5.4.2008 8:31 19544]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [10.5.2011 21:52 13192]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [10.5.2011 21:52 8456]
S3 IRIMAGER;Fluke Ti30, IR-Imager USB Driver (irimager.sys);c:\windows\system32\Drivers\irimager.sys --> c:\windows\system32\Drivers\irimager.sys [?]
S3 PCAlertDriver;PCAlertDriver;\??\c:\program files\MSI\Core Center\NTGLM7X.sys --> c:\program files\MSI\Core Center\NTGLM7X.sys [?]
S3 RivaTunerEx;RivaTunerEx;c:\program files\RivaTuner v2.0 RC 15.3 New Year Edition\RivaTunerEx.sys [28.12.2004 10:35 2560]
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = about:blank
mSearch Bar = res://c:\windows\hbrch.dll/sp.html#90144
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = proxy.netopyr.net:3128
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &ICQ Toolbar Search - d:\programy\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: &NeoTrace It!
IE: E&xportovat do aplikace Microsoft Office Excel - d:\msoffi~1\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint - Náhled - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint - Přidat na seznam k tisku - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint - Tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint - Vysokorychlostní tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{541C8998-DF5F-4CFB-8075-C28060B32032}: NameServer = 62.129.50.20,85.135.32.100
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\mirek\Application Data\Mozilla\Firefox\Profiles\5t51kabe.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKU-Default-Run-AVG7_Run - d:\programy\AVG\avgw.exe
HKU-Default-Run-PcSync - d:\programy\Nokia\Nokia PC Suite 6\PcSync2.exe
SafeBoot-Wdf01000.sys
MSConfigStartUp-Skype - c:\program files\Skype\Phone\Skype.exe
AddRemove-Easy-WebPrint - c:\windows\IsUn0405.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-15 15:45
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2011-06-15 15:50:45
ComboFix-quarantined-files.txt 2011-06-15 13:50
.
Před spuštěním: 3 452 792 832 bytes free
Po spuštění: 3 416 018 944
.
- - End Of File - - 418A4F0BA83BCFD6CB35FA0FCCE457BA
ComboFix 11-06-14.03 - mirek 15.06.2011 15:35:24.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1033.18.2047.1658 [GMT 2:00]
Spuštěný z: c:\documents and settings\mirek\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\mirek\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\audiograbber\audiograbber.exe
C:\autorun.inf
c:\documents and settings\mirek\WINDOWS
c:\program files\myglobalsearch
c:\program files\myglobalsearch\bar\1.bin\M9FFXTBR.JAR
c:\program files\myglobalsearch\bar\1.bin\M9NTSTBR.JAR
c:\program files\myglobalsearch\bar\Cache\00662D2A.bin
c:\program files\myglobalsearch\bar\Cache\00663A0B.bin
c:\program files\myglobalsearch\bar\Cache\00663C0E.bin
c:\program files\myglobalsearch\bar\Cache\00C217DD
c:\program files\myglobalsearch\bar\Cache\files.ini
c:\program files\myglobalsearch\bar\History\search
c:\program files\myglobalsearch\bar\Settings\prevcfg.htm
c:\windows\IsUn0405.exe
c:\windows\system32\driver.dat
c:\windows\system32\nmdfgds1.dll
D:\Autorun.inf
E:\Autorun.inf
F:\autorun.inf
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-15 do 2011-06-15 )))))))))))))))))))))))))))))))
.
.
2011-06-15 07:30 . 2011-06-15 07:31 -------- d-----w- c:\program files\trend micro
2011-06-15 07:30 . 2011-06-15 07:31 -------- d-----w- C:\rsit
2011-06-14 14:55 . 2011-06-14 14:55 -------- d-----w- c:\documents and settings\mirek\Application Data\SpaceMonger
2011-06-14 14:55 . 2011-06-14 14:55 -------- d-----w- c:\program files\SpaceMonger
2011-06-08 15:12 . 2011-06-08 15:12 -------- d-----w- c:\windows\system32\wbem\Repository
2011-06-07 18:11 . 2011-06-08 15:26 -------- d-----w- c:\documents and settings\All Users\Application Data\NokiaAccount
2011-06-07 18:04 . 2011-06-07 18:05 -------- d-----w- c:\documents and settings\mirek\Local Settings\Application Data\Nokia
2011-06-07 17:56 . 2011-06-07 17:56 -------- d-----w- c:\program files\DIFX
2011-06-07 17:56 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2011-06-07 17:56 . 2011-06-07 17:56 -------- d-----w- c:\program files\PC Connectivity Solution
2011-06-07 17:55 . 2010-12-02 13:14 113152 ----a-w- c:\windows\system32\ccdcmbwu.dll
2011-06-07 17:55 . 2010-12-02 11:36 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2011-06-07 12:52 . 2011-06-08 17:46 -------- d-----w- c:\windows\system32\LogFiles
2011-06-07 12:52 . 2011-06-08 10:20 -------- d-----w- c:\windows\system32\drivers\UMDF
2011-06-07 12:47 . 2011-06-07 12:47 -------- d-----w- c:\documents and settings\All Users\Application Data\NokiaInstallerCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-14 16:38 . 2011-05-03 15:49 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2004-08-03 20:59 . !HASH: COULD NOT OPEN FILE !!!!! . 95360 . . [------] . . c:\windows\system32\drivers\atapi.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 15:04 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Zone Labs Client"="c:\progra~1\ZONELA~1\ZONEAL~1\zlclient.exe" [2004-02-17 693528]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-03 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2004-08-03 53760]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Color Calibration.lnk]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^CoreCenter.lnk]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MagicTune3.6.lnk]
.
[HKLM\~\startupfolder\C:^Documents and Settings^mirek^Start Menu^Programs^Startup^up.exe]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_EMC
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_RegCleaner
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GhostStartTrayApp
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2005-12-16 10:57 94208 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C-Media Mixer]
2002-03-04 03:02 1454080 -c--a-w- c:\windows\mixer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveMonitor]
2007-01-17 15:01 496640 -c----w- c:\program files\MSI\Live Update 3\LMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MagicKey]
2004-03-15 12:27 45056 -c--a-w- c:\progra~1\MEDIAK~1\MagicKey.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MagicRotation]
2005-06-03 14:34 1089536 -c--a-w- c:\program files\MagicRotation\MagicPvt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
2006-03-21 11:19 69632 ----a-w- d:\programy\Canon\Omni Page\OpWareSE4.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RivaTunerStartupDaemon]
2004-12-28 08:35 2060288 ----a-w- c:\program files\RivaTuner v2.0 RC 15.3 New Year Edition\RivaTuner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2004-11-15 10:20 77824 -c--a-w- c:\windows\SOUNDMAN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2003-09-29 22:14 155648 -c--a-r- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ERSvc"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"d:\\uTorrent\\utorrent.exe"=
"d:\\PROGRAMY\\Skype\\Phone\\Skype.exe"=
.
R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [20.2.2005 0:43 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [20.2.2005 0:43 5248]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 14:46 63352]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [14.3.2011 18:48 371544]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [5.4.2008 8:31 301528]
R1 magicpvt;magicpvt;c:\windows\system32\drivers\magicpvt.sys [30.5.2006 21:48 9728]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [5.4.2008 8:31 19544]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [10.5.2011 21:52 13192]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [10.5.2011 21:52 8456]
S3 IRIMAGER;Fluke Ti30, IR-Imager USB Driver (irimager.sys);c:\windows\system32\Drivers\irimager.sys --> c:\windows\system32\Drivers\irimager.sys [?]
S3 PCAlertDriver;PCAlertDriver;\??\c:\program files\MSI\Core Center\NTGLM7X.sys --> c:\program files\MSI\Core Center\NTGLM7X.sys [?]
S3 RivaTunerEx;RivaTunerEx;c:\program files\RivaTuner v2.0 RC 15.3 New Year Edition\RivaTunerEx.sys [28.12.2004 10:35 2560]
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = about:blank
mSearch Bar = res://c:\windows\hbrch.dll/sp.html#90144
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = proxy.netopyr.net:3128
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &ICQ Toolbar Search - d:\programy\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: &NeoTrace It!
IE: E&xportovat do aplikace Microsoft Office Excel - d:\msoffi~1\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint - Náhled - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint - Přidat na seznam k tisku - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint - Tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint - Vysokorychlostní tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{541C8998-DF5F-4CFB-8075-C28060B32032}: NameServer = 62.129.50.20,85.135.32.100
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\mirek\Application Data\Mozilla\Firefox\Profiles\5t51kabe.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKU-Default-Run-AVG7_Run - d:\programy\AVG\avgw.exe
HKU-Default-Run-PcSync - d:\programy\Nokia\Nokia PC Suite 6\PcSync2.exe
SafeBoot-Wdf01000.sys
MSConfigStartUp-Skype - c:\program files\Skype\Phone\Skype.exe
AddRemove-Easy-WebPrint - c:\windows\IsUn0405.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-15 15:45
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2011-06-15 15:50:45
ComboFix-quarantined-files.txt 2011-06-15 13:50
.
Před spuštěním: 3 452 792 832 bytes free
Po spuštění: 3 416 018 944
.
- - End Of File - - 418A4F0BA83BCFD6CB35FA0FCCE457BA
-
Pavuk29
- VIP in memoriam
- Příspěvky: 6953
- Registrován: 31 říj 2003 08:26
- Bydliště: Banská Bystrica
- Kontaktovat uživatele:
Re: Zaplňování systémového disku
no aj mna ked to chyti a stahujem porno, tiez sa to zaplni.... vsak nepotrebuje kopiu kazdeho trojana na ktory narazis, nie?amva píše:Zdravím, z důvodů nedostatku místa jsem provedl změnu velikosti systémového disku. V krátké době dochází opět k zaplňování. Zdá se mï, že neúměrně narůstá tato složka C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast\arpot. Složka arpot obsahuje složku TEMP a cca stovku souborů configuration settings a file, složka TEMP obsahuje 22 000 těchto souborů. Velikost složky TEMP je 3,2GB. Je možné odstranit soubory ze složky TEMP? Díky za jakékoliv info.
------------------------------------------------------------------------------------------------------------------------------
PLS NEPISTE MI SZ, NA ICQ A MAILY S OTAZKAMI, PISTE DO FORA 
------------------------------------------------------------------------------------------------------------------------------
V pripadne akutnych problemov s chodom fora,
pripadne s inymi uzivatelmi, 
kontaktujte ma na ICQ alebo mailom 
na pavuk29 zavinac forum.viry.cz. Byvam pri pocitaci casto aj ked nie som online na fore.
http://www.icq.com/people/267560078/
hotline: http://forum.viry.cz/viewtopic.php?f=12&t=116821
pravidla fora: http://forum.viry.cz/viewtopic.php?f=12&t=5601
PLS NEPISTE MI SZ, NA ICQ A MAILY S OTAZKAMI, PISTE DO FORA ------------------------------------------------------------------------------------------------------------------------------
V pripadne akutnych problemov s chodom fora,
pripadne s inymi uzivatelmi, kontaktujte ma na ICQ alebo mailom na pavuk29 zavinac forum.viry.cz. Byvam pri pocitaci casto aj ked nie som online na fore.http://www.icq.com/people/267560078/
hotline: http://forum.viry.cz/viewtopic.php?f=12&t=116821 pravidla fora: http://forum.viry.cz/viewtopic.php?f=12&t=5601-
Rudy
- Site Admin
- Příspěvky: 119405
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zaplňování systémového disku
Ještě poprosím o sken MBR: http://www2.gmer.net/mbr/mbr.exe . Utilita provede sken a vyhodí krátký log, který sem zkopírujte.
Jinak CF několikm položek smazal, ve zbytku logu se ještě možná něco skrývá, záleží na tom, jak dopadne sken MBR.
Jinak CF několikm položek smazal, ve zbytku logu se ještě možná něco skrývá, záleží na tom, jak dopadne sken MBR.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zaplňování systémového disku
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: WDC_WD2000JD-98HBB0 rev.08.02D08 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-17
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
Windows 5.1.2600 Disk: WDC_WD2000JD-98HBB0 rev.08.02D08 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-17
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
Re: Zaplňování systémového disku
pokial sa objavi Rudy - urob este:
citat kolegu:
Vyčistime temp
Stiahneme na plochu TFC
http://oldtimer.geekstogo.com/TFC.exe
zatvoríme všetko čo mame otvorene a spustíme program -po skane reštart.
citat kolegu:
Vyčistime temp
Stiahneme na plochu TFC
http://oldtimer.geekstogo.com/TFC.exe
zatvoríme všetko čo mame otvorene a spustíme program -po skane reštart.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Zaplňování systémového disku
Děkuji za pomoc, ale ještě se vrátím k tomu úvodu. Soubory ze složky C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast\arpot\TEMP se mi nepodařilo smazat. Vyzkoušel jsem hromadu možností (od běžných záležitostí po unlockera) a stále se nedaří (pravidelná hláška - přístup byl odepřen 
).
).Re: Zaplňování systémového disku
pouzi aswMBR podla http://forum.avast.com/index.php?topic=78458.0
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Zaplňování systémového disku
Přidávám ještě log z aswMBR
version 0.9.6.399 Copyright(c) 2011 AVAST Software
Run date: 2011-06-17 13:00:36
-----------------------------
13:00:36.421 OS Version: Windows 5.1.2600 Service Pack 2
13:00:36.421 Number of processors: 1 586 0x401
13:00:36.421 ComputerName: VANHARA UserName: mirek
13:00:37.000 AVAST engine 6.0.1000 defs: 11061700
13:00:37.000 Initialize success
13:00:49.468 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-17
13:00:49.468 Disk 0 Vendor: WDC_WD2000JD-98HBB0 08.02D08 Size: 190782MB BusType: 3
13:00:49.468 Device \Driver\atapi -> MajorFunction 8a7e7008
13:00:49.468 Disk 0 MBR read error 0
13:00:49.468 Disk 0 MBR scan
13:00:49.484 Disk 0 unknown MBR code
13:00:49.484 MBR BIOS signature not found 0
13:00:49.484 Disk 0 scanning sectors +390716865
13:00:49.484 Disk 0 scanning C:\WINDOWS\system32\drivers
13:01:08.312 Service scanning
13:01:14.000 Disk 0 trace - called modules:
13:01:14.015 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x8a7e7008]<<
13:01:14.015 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a9c5ab8]
13:01:14.015 3 CLASSPNP.SYS[f764805b] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-17[0x8a989b00]
13:01:14.015 \Driver\atapi[0x8a973340] -> IRP_MJ_CREATE -> 0x8a7e7008
13:01:14.015 AVAST engine scan C:\WINDOWS\system32
13:05:08.703 Scan finished successfully
13:28:21.500 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\mirek\Desktop\MBR.dat"
13:28:21.500 The log file has been saved successfully to "C:\Documents and Settings\mirek\Desktop\aswMBR.txt"
možná je tu něco špatně ale opravdu nevím co
version 0.9.6.399 Copyright(c) 2011 AVAST Software
Run date: 2011-06-17 13:00:36
-----------------------------
13:00:36.421 OS Version: Windows 5.1.2600 Service Pack 2
13:00:36.421 Number of processors: 1 586 0x401
13:00:36.421 ComputerName: VANHARA UserName: mirek
13:00:37.000 AVAST engine 6.0.1000 defs: 11061700
13:00:37.000 Initialize success
13:00:49.468 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-17
13:00:49.468 Disk 0 Vendor: WDC_WD2000JD-98HBB0 08.02D08 Size: 190782MB BusType: 3
13:00:49.468 Device \Driver\atapi -> MajorFunction 8a7e7008
13:00:49.468 Disk 0 MBR read error 0
13:00:49.468 Disk 0 MBR scan
13:00:49.484 Disk 0 unknown MBR code
13:00:49.484 MBR BIOS signature not found 0
13:00:49.484 Disk 0 scanning sectors +390716865
13:00:49.484 Disk 0 scanning C:\WINDOWS\system32\drivers
13:01:08.312 Service scanning
13:01:14.000 Disk 0 trace - called modules:
13:01:14.015 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x8a7e7008]<<
13:01:14.015 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a9c5ab8]
13:01:14.015 3 CLASSPNP.SYS[f764805b] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-17[0x8a989b00]
13:01:14.015 \Driver\atapi[0x8a973340] -> IRP_MJ_CREATE -> 0x8a7e7008
13:01:14.015 AVAST engine scan C:\WINDOWS\system32
13:05:08.703 Scan finished successfully
13:28:21.500 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\mirek\Desktop\MBR.dat"
13:28:21.500 The log file has been saved successfully to "C:\Documents and Settings\mirek\Desktop\aswMBR.txt"
možná je tu něco špatně ale opravdu nevím co
-
Rudy
- Site Admin
- Příspěvky: 119405
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zaplňování systémového disku
Spusťte ještě Tdsskiller: http://support.kaspersky.com/downloads/ ... killer.exe . Postupujte podle kolegova návodu:
Utilitu spustte a prikazte ji, at skenuje - klik na Start Scan
Pokud utilita najde infikekci, bude ji chtit lecit (Cure), povolte leceni kliknutim na Continue
Pokud utilita najde podezrely soubor (suspicious), bude jej chtit preskocit (Skip), povolte preskoceni kliknutim na Continue
Po dokonceni skenu bude mozna nutny restart PC, povolte jej kliknutim na Reboot now
Po restartu na Vas vyskoci log, pokud se tak nestane, najdete jej primo na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt - jeho obsah sem vlozte
Pokud restart nebude vyzadovan, kliknete na Close a nasledne na Report - vytvori se log - jeho obsah sem vlozte
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zaplňování systémového disku
2011/06/17 19:25:36.0546 3416 TDSS rootkit removing tool 2.5.5.0 Jun 16 2011 15:25:15
2011/06/17 19:25:38.0562 3416 ================================================================================
2011/06/17 19:25:38.0562 3416 SystemInfo:
2011/06/17 19:25:38.0562 3416
2011/06/17 19:25:38.0562 3416 OS Version: 5.1.2600 ServicePack: 2.0
2011/06/17 19:25:38.0562 3416 Product type: Workstation
2011/06/17 19:25:38.0562 3416 ComputerName: VANHARA
2011/06/17 19:25:38.0562 3416 UserName: mirek
2011/06/17 19:25:38.0562 3416 Windows directory: C:\WINDOWS
2011/06/17 19:25:38.0562 3416 System windows directory: C:\WINDOWS
2011/06/17 19:25:38.0562 3416 Processor architecture: Intel x86
2011/06/17 19:25:38.0562 3416 Number of processors: 1
2011/06/17 19:25:38.0562 3416 Page size: 0x1000
2011/06/17 19:25:38.0562 3416 Boot type: Normal boot
2011/06/17 19:25:38.0562 3416 ================================================================================
2011/06/17 19:25:44.0453 3416 Initialize success
2011/06/17 19:25:47.0468 2584 ================================================================================
2011/06/17 19:25:47.0468 2584 Scan started
2011/06/17 19:25:47.0468 2584 Mode: Manual;
2011/06/17 19:25:47.0468 2584 ================================================================================
2011/06/17 19:25:49.0703 2584 a347bus (1f61cacacb521215f39061789147968c) C:\WINDOWS\system32\DRIVERS\a347bus.sys
2011/06/17 19:25:50.0000 2584 a347scsi (113e4b318bbaa7483ca4e582a4d63f49) C:\WINDOWS\system32\Drivers\a347scsi.sys
2011/06/17 19:25:50.0265 2584 Aavmker4 (83631291adf2887cffc786d034d3fa15) C:\WINDOWS\system32\drivers\Aavmker4.sys
2011/06/17 19:25:51.0062 2584 ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/06/17 19:25:51.0375 2584 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/06/17 19:25:52.0140 2584 aec (841f385c6cfaf66b58fbd898722bb4f0) C:\WINDOWS\system32\drivers\aec.sys
2011/06/17 19:25:52.0453 2584 AFD (5ac495f4cb807b2b98ad2ad591e6d92e) C:\WINDOWS\System32\drivers\afd.sys
2011/06/17 19:25:52.0750 2584 agp440 (2c428fa0c3e3a01ed93c9b2a27d8d4bb) C:\WINDOWS\system32\DRIVERS\agp440.sys
2011/06/17 19:25:54.0250 2584 ALCXWDM (933933288df5ed26d1928215c97d05c7) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
2011/06/17 19:25:56.0265 2584 aslm75 (71356a1370739e25375a1d17b6ae318f) C:\WINDOWS\system32\drivers\aslm75.sys
2011/06/17 19:25:56.0546 2584 Aspi32 (ed8cee58c1e4c5893f5b2fd686a272bf) C:\WINDOWS\system32\drivers\Aspi32.sys
2011/06/17 19:25:56.0828 2584 aswFsBlk (1c2e6bb4fe8621b1b863855b02bc33eb) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/06/17 19:25:57.0140 2584 aswMon2 (452d0ecd14fa02f9b061f42c8a30dd49) C:\WINDOWS\system32\drivers\aswMon2.sys
2011/06/17 19:25:57.0406 2584 aswRdr (b6a9373619d851be80fb5f1b5eed0d4e) C:\WINDOWS\system32\drivers\aswRdr.sys
2011/06/17 19:25:57.0796 2584 aswSnx (9be41c1ae8bc481eb662d85c98d979c2) C:\WINDOWS\system32\drivers\aswSnx.sys
2011/06/17 19:25:58.0171 2584 aswSP (4b1a54ba2bc5873a774df6b70ab8b0b3) C:\WINDOWS\system32\drivers\aswSP.sys
2011/06/17 19:25:58.0437 2584 aswTdi (c7f1cea32766184911293f4e1ee653f5) C:\WINDOWS\system32\drivers\aswTdi.sys
2011/06/17 19:25:58.0703 2584 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/06/17 19:25:59.0000 2584 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/06/17 19:25:59.0000 2584 Suspicious file (NoAccess): C:\WINDOWS\system32\DRIVERS\atapi.sys. md5: cdfe4411a69c224bd1d11b2da92dac51
2011/06/17 19:25:59.0015 2584 atapi - detected LockedFile.Multi.Generic (1)
2011/06/17 19:25:59.0765 2584 ati2mtag (8759322ffc1a50569c1e5528ee8026b7) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/06/17 19:25:59.0875 2584 ATITool (3de5a08462b782c18f4a136cf464ce8a) C:\Program Files\ATITool\ATITool.sys
2011/06/17 19:26:00.0156 2584 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/06/17 19:26:00.0421 2584 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/06/17 19:26:01.0531 2584 BCM43XX (e7debb46b9ef1f28932e533be4a3d1a9) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
2011/06/17 19:26:02.0218 2584 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/06/17 19:26:02.0609 2584 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/06/17 19:26:03.0125 2584 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/06/17 19:26:03.0406 2584 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/06/17 19:26:04.0296 2584 cmpci (911967964ecddc4adaa37d2955f6876b) C:\WINDOWS\system32\drivers\cmaudio.sys
2011/06/17 19:26:05.0328 2584 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/06/17 19:26:05.0625 2584 dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS\system32\drivers\dmio.sys
2011/06/17 19:26:05.0890 2584 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/06/17 19:26:06.0156 2584 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
2011/06/17 19:26:06.0640 2584 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/06/17 19:26:06.0906 2584 ENTECH (fd9fc82f134b1c91004ffc76a5ae494b) C:\WINDOWS\system32\DRIVERS\ENTECH.sys
2011/06/17 19:26:07.0140 2584 epmntdrv (f07ba56b0235f15eff8f10dc6389c42e) C:\WINDOWS\system32\epmntdrv.sys
2011/06/17 19:26:07.0390 2584 EuGdiDrv (1f2f4ab15ce03ecc257feb2f6dc5a013) C:\WINDOWS\system32\EuGdiDrv.sys
2011/06/17 19:26:07.0703 2584 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/06/17 19:26:08.0000 2584 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/06/17 19:26:08.0265 2584 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys
2011/06/17 19:26:08.0515 2584 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/06/17 19:26:08.0812 2584 FltMgr (157754f0df355a9e0a6f54721914f9c6) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/06/17 19:26:09.0093 2584 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/06/17 19:26:09.0375 2584 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/06/17 19:26:09.0671 2584 gameenum (5f92fd09e5610a5995da7d775eadcd12) C:\WINDOWS\system32\DRIVERS\gameenum.sys
2011/06/17 19:26:09.0968 2584 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/06/17 19:26:10.0250 2584 hamachi (53b84ef7011832bc094b46c057a42aa8) C:\WINDOWS\system32\DRIVERS\hamachi.sys
2011/06/17 19:26:10.0531 2584 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/06/17 19:26:11.0031 2584 HPZid412 (9f1d80908658eb7f1bf70809e0b51470) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2011/06/17 19:26:11.0281 2584 HPZipr12 (f7e3e9d50f9cd3de28085a8fdaa0a1c3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2011/06/17 19:26:11.0562 2584 HPZius12 (cf1b7951b4ec8d13f3c93b74bb2b461b) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
2011/06/17 19:26:11.0890 2584 HTTP (c19b522a9ae0bbc3293397f3055e80a1) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/06/17 19:26:12.0734 2584 i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/06/17 19:26:13.0000 2584 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/06/17 19:26:13.0312 2584 InCDFs (673e994063f3ebb76fccb1b601599567) C:\WINDOWS\system32\drivers\InCDFs.sys
2011/06/17 19:26:13.0718 2584 InCDPass (0608a8e30e000c79dcadfc71f36e90c7) C:\WINDOWS\system32\drivers\InCDPass.sys
2011/06/17 19:26:13.0984 2584 InCDrec (5640b85335369971e9f3ed479840578c) C:\WINDOWS\system32\drivers\InCDrec.sys
2011/06/17 19:26:14.0250 2584 InCDRm (e19757161ca5decf10e0796e8bbd1c3d) C:\WINDOWS\system32\drivers\InCDRm.sys
2011/06/17 19:26:15.0187 2584 intelppm (279fb78702454dff2bb445f238c048d2) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/06/17 19:26:15.0437 2584 ip6fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/06/17 19:26:15.0703 2584 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/06/17 19:26:16.0078 2584 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/06/17 19:26:16.0375 2584 IpNat (b5a8e215ac29d24d60b4d1250ef05ace) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/06/17 19:26:16.0671 2584 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/06/17 19:26:17.0031 2584 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/06/17 19:26:17.0546 2584 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/06/17 19:26:19.0093 2584 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/06/17 19:26:19.0468 2584 kbdhid (e182fa8e49e8ee41b4adc53093f3c7e6) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/06/17 19:26:19.0781 2584 kmixer (d93cad07c5683db066b0b2d2d3790ead) C:\WINDOWS\system32\drivers\kmixer.sys
2011/06/17 19:26:20.0078 2584 KSecDD (eb7ffe87fd367ea8fca0506f74a87fbb) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/06/17 19:26:20.0750 2584 magicpvt (100ccc630bdecf33d2b4954e4e53a736) C:\WINDOWS\system32\drivers\magicpvt.sys
2011/06/17 19:26:21.0250 2584 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/06/17 19:26:21.0734 2584 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys
2011/06/17 19:26:21.0984 2584 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/06/17 19:26:22.0250 2584 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/06/17 19:26:22.0500 2584 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/06/17 19:26:23.0171 2584 MRxDAV (46edcc8f2db2f322c24f48785cb46366) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/06/17 19:26:23.0765 2584 MRxSmb (1fd607fc67f7f7c633c3da65bfc53d18) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/06/17 19:26:24.0171 2584 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
2011/06/17 19:26:24.0421 2584 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/06/17 19:26:24.0687 2584 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/06/17 19:26:25.0062 2584 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/06/17 19:26:25.0328 2584 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/06/17 19:26:25.0593 2584 ms_mpu401 (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys
2011/06/17 19:26:25.0875 2584 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
2011/06/17 19:26:26.0312 2584 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
2011/06/17 19:26:26.0625 2584 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/06/17 19:26:26.0875 2584 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/06/17 19:26:27.0171 2584 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/06/17 19:26:27.0437 2584 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/06/17 19:26:27.0687 2584 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/06/17 19:26:28.0000 2584 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/06/17 19:26:28.0453 2584 nmwcd (712bc0c22ba00b2ba324c6b8df668ee7) C:\WINDOWS\system32\drivers\ccdcmb.sys
2011/06/17 19:26:28.0703 2584 nmwcdc (7312987b6ccde6f6cee32c14bed1ca2e) C:\WINDOWS\system32\drivers\ccdcmbo.sys
2011/06/17 19:26:28.0968 2584 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
2011/06/17 19:26:29.0390 2584 Ntfs (b78be402c3f63dd55521f73876951cdd) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/06/17 19:26:29.0875 2584 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/06/17 19:26:30.0140 2584 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/06/17 19:26:30.0406 2584 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/06/17 19:26:30.0703 2584 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/06/17 19:26:30.0968 2584 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/06/17 19:26:31.0234 2584 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/06/17 19:26:31.0593 2584 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
2011/06/17 19:26:31.0875 2584 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/06/17 19:26:32.0375 2584 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/06/17 19:26:32.0640 2584 PCLEPCI (1bebe7de8508a02650cdce45c664c2a2) C:\WINDOWS\system32\drivers\pclepci.sys
2011/06/17 19:26:32.0937 2584 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/06/17 19:26:33.0250 2584 pcouffin (02aaafb7ba137ce5ddabcdf8090954d9) C:\WINDOWS\system32\Drivers\pcouffin.sys
2011/06/17 19:26:34.0968 2584 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/06/17 19:26:35.0234 2584 Processor (0d97d88720a4087ec93af7dbb303b30a) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/06/17 19:26:35.0515 2584 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/06/17 19:26:35.0796 2584 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/06/17 19:26:36.0078 2584 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/06/17 19:26:37.0500 2584 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/06/17 19:26:37.0781 2584 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/06/17 19:26:38.0062 2584 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/06/17 19:26:38.0312 2584 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/06/17 19:26:38.0625 2584 Rdbss (29d66245adba878fff574cd66abd2884) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/06/17 19:26:38.0906 2584 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/06/17 19:26:39.0234 2584 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/06/17 19:26:39.0703 2584 RDPWD (d4f5643d7714ef499ae9527fdcd50894) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/06/17 19:26:40.0000 2584 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/06/17 19:26:40.0109 2584 RivaTunerEx (8018555fb6b8d56cb86ee5eb860462c6) C:\Program Files\RivaTuner v2.0 RC 15.3 New Year Edition\RivaTunerEx.sys
2011/06/17 19:26:40.0375 2584 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
2011/06/17 19:26:40.0734 2584 RTL8023xp (1a2a445e8968b2019e75e08f3a1344fc) C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
2011/06/17 19:26:41.0000 2584 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
2011/06/17 19:26:41.0328 2584 Secdrv (d26e26ea516450af9d072635c60387f4) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/06/17 19:26:41.0640 2584 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/06/17 19:26:41.0906 2584 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/06/17 19:26:42.0187 2584 sfdrv01 (4c0d673281178cb496011a2e28571fc8) C:\WINDOWS\system32\drivers\sfdrv01.sys
2011/06/17 19:26:42.0484 2584 sfdrv01a (4d0ce0fadca29e7da68ce597ac9010bd) C:\WINDOWS\system32\drivers\sfdrv01a.sys
2011/06/17 19:26:43.0031 2584 sfhlp02 (daad4c099ebf5094d32c373ac1ac0f3c) C:\WINDOWS\system32\drivers\sfhlp02.sys
2011/06/17 19:26:43.0328 2584 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/06/17 19:26:43.0609 2584 sfsync02 (6dc03269f4c71e4ab313c3597f42a340) C:\WINDOWS\system32\drivers\sfsync02.sys
2011/06/17 19:26:43.0906 2584 sfvfs02 (107b772690050d3b19cbc637ad8fd96e) C:\WINDOWS\system32\drivers\sfvfs02.sys
2011/06/17 19:26:44.0890 2584 splitter (8e186b8f23295d1e42c573b82b80d548) C:\WINDOWS\system32\drivers\splitter.sys
2011/06/17 19:26:45.0187 2584 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/06/17 19:26:45.0546 2584 Srv (20b7e396720353e4117d64d9dcb926ca) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/06/17 19:26:45.0906 2584 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/06/17 19:26:46.0187 2584 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
2011/06/17 19:26:47.0421 2584 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/06/17 19:26:47.0796 2584 Tcpip (9f4b36614a0fc234525ba224957de55c) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/06/17 19:26:48.0156 2584 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/06/17 19:26:48.0406 2584 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/06/17 19:26:48.0687 2584 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/06/17 19:26:49.0234 2584 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
2011/06/17 19:26:49.0562 2584 UnlockerDriver5 (bb879dcfd22926efbeb3298129898cbb) C:\Program Files\Unlocker\UnlockerDriver5.sys
2011/06/17 19:26:49.0890 2584 Update (aff2e5045961bbc0a602bb6f95eb1345) C:\WINDOWS\system32\DRIVERS\update.sys
2011/06/17 19:26:50.0218 2584 upperdev (7062ed67a10f1c83b2ab951736e24f11) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
2011/06/17 19:26:50.0515 2584 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/06/17 19:26:50.0796 2584 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/06/17 19:26:51.0078 2584 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/06/17 19:26:51.0343 2584 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/06/17 19:26:51.0609 2584 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/06/17 19:26:51.0875 2584 usbser (49106ee29074e6a3d3ac9e24c6d791d8) C:\WINDOWS\system32\drivers\usbser.sys
2011/06/17 19:26:52.0140 2584 UsbserFilt (b76d8039f5b595c4ca551b3d5dd15a98) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
2011/06/17 19:26:52.0406 2584 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/06/17 19:26:52.0671 2584 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/06/17 19:26:52.0937 2584 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
2011/06/17 19:26:53.0437 2584 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/06/17 19:26:53.0750 2584 vsdatant (43f1b56c72ea03cd646957d57203e31f) C:\WINDOWS\System32\vsdatant.sys
2011/06/17 19:26:54.0046 2584 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/06/17 19:26:54.0468 2584 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
2011/06/17 19:26:55.0109 2584 wdmaud (2797f33ebf50466020c430ee4f037933) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/06/17 19:26:55.0453 2584 WmBEnum (bc3ecbcb40147bdae3ad2fd0b4b346d8) C:\WINDOWS\system32\drivers\WmBEnum.sys
2011/06/17 19:26:55.0718 2584 WmFilter (19f9881d8b3484fedb605d0216876898) C:\WINDOWS\system32\drivers\WmFilter.sys
2011/06/17 19:26:56.0000 2584 WmVirHid (7a51545a6409a25eedbdbd97d019e8cc) C:\WINDOWS\system32\drivers\WmVirHid.sys
2011/06/17 19:26:56.0265 2584 WmXlCore (1f083b3bc73017e60c3ca85cf4a70753) C:\WINDOWS\system32\drivers\WmXlCore.sys
2011/06/17 19:26:56.0593 2584 WudfPf (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/06/17 19:26:56.0906 2584 WudfRd (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/06/17 19:26:57.0234 2584 yukonwxp (4fd408e42b3e516732e607bed06f39fb) C:\WINDOWS\system32\DRIVERS\yukonwxp.sys
2011/06/17 19:26:57.0359 2584 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
2011/06/17 19:26:57.0562 2584 ================================================================================
2011/06/17 19:26:57.0562 2584 Scan finished
2011/06/17 19:26:57.0562 2584 ================================================================================
2011/06/17 19:26:57.0578 3084 Detected object count: 1
2011/06/17 19:26:57.0578 3084 Actual detected object count: 1
2011/06/17 20:50:32.0937 3084 LockedFile.Multi.Generic(atapi) - User select action: Skip
2011/06/17 19:25:38.0562 3416 ================================================================================
2011/06/17 19:25:38.0562 3416 SystemInfo:
2011/06/17 19:25:38.0562 3416
2011/06/17 19:25:38.0562 3416 OS Version: 5.1.2600 ServicePack: 2.0
2011/06/17 19:25:38.0562 3416 Product type: Workstation
2011/06/17 19:25:38.0562 3416 ComputerName: VANHARA
2011/06/17 19:25:38.0562 3416 UserName: mirek
2011/06/17 19:25:38.0562 3416 Windows directory: C:\WINDOWS
2011/06/17 19:25:38.0562 3416 System windows directory: C:\WINDOWS
2011/06/17 19:25:38.0562 3416 Processor architecture: Intel x86
2011/06/17 19:25:38.0562 3416 Number of processors: 1
2011/06/17 19:25:38.0562 3416 Page size: 0x1000
2011/06/17 19:25:38.0562 3416 Boot type: Normal boot
2011/06/17 19:25:38.0562 3416 ================================================================================
2011/06/17 19:25:44.0453 3416 Initialize success
2011/06/17 19:25:47.0468 2584 ================================================================================
2011/06/17 19:25:47.0468 2584 Scan started
2011/06/17 19:25:47.0468 2584 Mode: Manual;
2011/06/17 19:25:47.0468 2584 ================================================================================
2011/06/17 19:25:49.0703 2584 a347bus (1f61cacacb521215f39061789147968c) C:\WINDOWS\system32\DRIVERS\a347bus.sys
2011/06/17 19:25:50.0000 2584 a347scsi (113e4b318bbaa7483ca4e582a4d63f49) C:\WINDOWS\system32\Drivers\a347scsi.sys
2011/06/17 19:25:50.0265 2584 Aavmker4 (83631291adf2887cffc786d034d3fa15) C:\WINDOWS\system32\drivers\Aavmker4.sys
2011/06/17 19:25:51.0062 2584 ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/06/17 19:25:51.0375 2584 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/06/17 19:25:52.0140 2584 aec (841f385c6cfaf66b58fbd898722bb4f0) C:\WINDOWS\system32\drivers\aec.sys
2011/06/17 19:25:52.0453 2584 AFD (5ac495f4cb807b2b98ad2ad591e6d92e) C:\WINDOWS\System32\drivers\afd.sys
2011/06/17 19:25:52.0750 2584 agp440 (2c428fa0c3e3a01ed93c9b2a27d8d4bb) C:\WINDOWS\system32\DRIVERS\agp440.sys
2011/06/17 19:25:54.0250 2584 ALCXWDM (933933288df5ed26d1928215c97d05c7) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
2011/06/17 19:25:56.0265 2584 aslm75 (71356a1370739e25375a1d17b6ae318f) C:\WINDOWS\system32\drivers\aslm75.sys
2011/06/17 19:25:56.0546 2584 Aspi32 (ed8cee58c1e4c5893f5b2fd686a272bf) C:\WINDOWS\system32\drivers\Aspi32.sys
2011/06/17 19:25:56.0828 2584 aswFsBlk (1c2e6bb4fe8621b1b863855b02bc33eb) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/06/17 19:25:57.0140 2584 aswMon2 (452d0ecd14fa02f9b061f42c8a30dd49) C:\WINDOWS\system32\drivers\aswMon2.sys
2011/06/17 19:25:57.0406 2584 aswRdr (b6a9373619d851be80fb5f1b5eed0d4e) C:\WINDOWS\system32\drivers\aswRdr.sys
2011/06/17 19:25:57.0796 2584 aswSnx (9be41c1ae8bc481eb662d85c98d979c2) C:\WINDOWS\system32\drivers\aswSnx.sys
2011/06/17 19:25:58.0171 2584 aswSP (4b1a54ba2bc5873a774df6b70ab8b0b3) C:\WINDOWS\system32\drivers\aswSP.sys
2011/06/17 19:25:58.0437 2584 aswTdi (c7f1cea32766184911293f4e1ee653f5) C:\WINDOWS\system32\drivers\aswTdi.sys
2011/06/17 19:25:58.0703 2584 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/06/17 19:25:59.0000 2584 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/06/17 19:25:59.0000 2584 Suspicious file (NoAccess): C:\WINDOWS\system32\DRIVERS\atapi.sys. md5: cdfe4411a69c224bd1d11b2da92dac51
2011/06/17 19:25:59.0015 2584 atapi - detected LockedFile.Multi.Generic (1)
2011/06/17 19:25:59.0765 2584 ati2mtag (8759322ffc1a50569c1e5528ee8026b7) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/06/17 19:25:59.0875 2584 ATITool (3de5a08462b782c18f4a136cf464ce8a) C:\Program Files\ATITool\ATITool.sys
2011/06/17 19:26:00.0156 2584 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/06/17 19:26:00.0421 2584 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/06/17 19:26:01.0531 2584 BCM43XX (e7debb46b9ef1f28932e533be4a3d1a9) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
2011/06/17 19:26:02.0218 2584 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/06/17 19:26:02.0609 2584 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/06/17 19:26:03.0125 2584 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/06/17 19:26:03.0406 2584 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/06/17 19:26:04.0296 2584 cmpci (911967964ecddc4adaa37d2955f6876b) C:\WINDOWS\system32\drivers\cmaudio.sys
2011/06/17 19:26:05.0328 2584 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/06/17 19:26:05.0625 2584 dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS\system32\drivers\dmio.sys
2011/06/17 19:26:05.0890 2584 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/06/17 19:26:06.0156 2584 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
2011/06/17 19:26:06.0640 2584 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/06/17 19:26:06.0906 2584 ENTECH (fd9fc82f134b1c91004ffc76a5ae494b) C:\WINDOWS\system32\DRIVERS\ENTECH.sys
2011/06/17 19:26:07.0140 2584 epmntdrv (f07ba56b0235f15eff8f10dc6389c42e) C:\WINDOWS\system32\epmntdrv.sys
2011/06/17 19:26:07.0390 2584 EuGdiDrv (1f2f4ab15ce03ecc257feb2f6dc5a013) C:\WINDOWS\system32\EuGdiDrv.sys
2011/06/17 19:26:07.0703 2584 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/06/17 19:26:08.0000 2584 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/06/17 19:26:08.0265 2584 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys
2011/06/17 19:26:08.0515 2584 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/06/17 19:26:08.0812 2584 FltMgr (157754f0df355a9e0a6f54721914f9c6) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/06/17 19:26:09.0093 2584 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/06/17 19:26:09.0375 2584 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/06/17 19:26:09.0671 2584 gameenum (5f92fd09e5610a5995da7d775eadcd12) C:\WINDOWS\system32\DRIVERS\gameenum.sys
2011/06/17 19:26:09.0968 2584 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/06/17 19:26:10.0250 2584 hamachi (53b84ef7011832bc094b46c057a42aa8) C:\WINDOWS\system32\DRIVERS\hamachi.sys
2011/06/17 19:26:10.0531 2584 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/06/17 19:26:11.0031 2584 HPZid412 (9f1d80908658eb7f1bf70809e0b51470) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2011/06/17 19:26:11.0281 2584 HPZipr12 (f7e3e9d50f9cd3de28085a8fdaa0a1c3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2011/06/17 19:26:11.0562 2584 HPZius12 (cf1b7951b4ec8d13f3c93b74bb2b461b) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
2011/06/17 19:26:11.0890 2584 HTTP (c19b522a9ae0bbc3293397f3055e80a1) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/06/17 19:26:12.0734 2584 i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/06/17 19:26:13.0000 2584 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/06/17 19:26:13.0312 2584 InCDFs (673e994063f3ebb76fccb1b601599567) C:\WINDOWS\system32\drivers\InCDFs.sys
2011/06/17 19:26:13.0718 2584 InCDPass (0608a8e30e000c79dcadfc71f36e90c7) C:\WINDOWS\system32\drivers\InCDPass.sys
2011/06/17 19:26:13.0984 2584 InCDrec (5640b85335369971e9f3ed479840578c) C:\WINDOWS\system32\drivers\InCDrec.sys
2011/06/17 19:26:14.0250 2584 InCDRm (e19757161ca5decf10e0796e8bbd1c3d) C:\WINDOWS\system32\drivers\InCDRm.sys
2011/06/17 19:26:15.0187 2584 intelppm (279fb78702454dff2bb445f238c048d2) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/06/17 19:26:15.0437 2584 ip6fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/06/17 19:26:15.0703 2584 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/06/17 19:26:16.0078 2584 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/06/17 19:26:16.0375 2584 IpNat (b5a8e215ac29d24d60b4d1250ef05ace) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/06/17 19:26:16.0671 2584 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/06/17 19:26:17.0031 2584 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/06/17 19:26:17.0546 2584 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/06/17 19:26:19.0093 2584 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/06/17 19:26:19.0468 2584 kbdhid (e182fa8e49e8ee41b4adc53093f3c7e6) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/06/17 19:26:19.0781 2584 kmixer (d93cad07c5683db066b0b2d2d3790ead) C:\WINDOWS\system32\drivers\kmixer.sys
2011/06/17 19:26:20.0078 2584 KSecDD (eb7ffe87fd367ea8fca0506f74a87fbb) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/06/17 19:26:20.0750 2584 magicpvt (100ccc630bdecf33d2b4954e4e53a736) C:\WINDOWS\system32\drivers\magicpvt.sys
2011/06/17 19:26:21.0250 2584 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/06/17 19:26:21.0734 2584 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys
2011/06/17 19:26:21.0984 2584 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/06/17 19:26:22.0250 2584 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/06/17 19:26:22.0500 2584 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/06/17 19:26:23.0171 2584 MRxDAV (46edcc8f2db2f322c24f48785cb46366) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/06/17 19:26:23.0765 2584 MRxSmb (1fd607fc67f7f7c633c3da65bfc53d18) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/06/17 19:26:24.0171 2584 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
2011/06/17 19:26:24.0421 2584 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/06/17 19:26:24.0687 2584 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/06/17 19:26:25.0062 2584 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/06/17 19:26:25.0328 2584 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/06/17 19:26:25.0593 2584 ms_mpu401 (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys
2011/06/17 19:26:25.0875 2584 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
2011/06/17 19:26:26.0312 2584 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
2011/06/17 19:26:26.0625 2584 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/06/17 19:26:26.0875 2584 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/06/17 19:26:27.0171 2584 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/06/17 19:26:27.0437 2584 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/06/17 19:26:27.0687 2584 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/06/17 19:26:28.0000 2584 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/06/17 19:26:28.0453 2584 nmwcd (712bc0c22ba00b2ba324c6b8df668ee7) C:\WINDOWS\system32\drivers\ccdcmb.sys
2011/06/17 19:26:28.0703 2584 nmwcdc (7312987b6ccde6f6cee32c14bed1ca2e) C:\WINDOWS\system32\drivers\ccdcmbo.sys
2011/06/17 19:26:28.0968 2584 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
2011/06/17 19:26:29.0390 2584 Ntfs (b78be402c3f63dd55521f73876951cdd) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/06/17 19:26:29.0875 2584 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/06/17 19:26:30.0140 2584 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/06/17 19:26:30.0406 2584 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/06/17 19:26:30.0703 2584 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/06/17 19:26:30.0968 2584 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/06/17 19:26:31.0234 2584 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/06/17 19:26:31.0593 2584 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
2011/06/17 19:26:31.0875 2584 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/06/17 19:26:32.0375 2584 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/06/17 19:26:32.0640 2584 PCLEPCI (1bebe7de8508a02650cdce45c664c2a2) C:\WINDOWS\system32\drivers\pclepci.sys
2011/06/17 19:26:32.0937 2584 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/06/17 19:26:33.0250 2584 pcouffin (02aaafb7ba137ce5ddabcdf8090954d9) C:\WINDOWS\system32\Drivers\pcouffin.sys
2011/06/17 19:26:34.0968 2584 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/06/17 19:26:35.0234 2584 Processor (0d97d88720a4087ec93af7dbb303b30a) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/06/17 19:26:35.0515 2584 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/06/17 19:26:35.0796 2584 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/06/17 19:26:36.0078 2584 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/06/17 19:26:37.0500 2584 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/06/17 19:26:37.0781 2584 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/06/17 19:26:38.0062 2584 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/06/17 19:26:38.0312 2584 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/06/17 19:26:38.0625 2584 Rdbss (29d66245adba878fff574cd66abd2884) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/06/17 19:26:38.0906 2584 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/06/17 19:26:39.0234 2584 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/06/17 19:26:39.0703 2584 RDPWD (d4f5643d7714ef499ae9527fdcd50894) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/06/17 19:26:40.0000 2584 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/06/17 19:26:40.0109 2584 RivaTunerEx (8018555fb6b8d56cb86ee5eb860462c6) C:\Program Files\RivaTuner v2.0 RC 15.3 New Year Edition\RivaTunerEx.sys
2011/06/17 19:26:40.0375 2584 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
2011/06/17 19:26:40.0734 2584 RTL8023xp (1a2a445e8968b2019e75e08f3a1344fc) C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
2011/06/17 19:26:41.0000 2584 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
2011/06/17 19:26:41.0328 2584 Secdrv (d26e26ea516450af9d072635c60387f4) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/06/17 19:26:41.0640 2584 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/06/17 19:26:41.0906 2584 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/06/17 19:26:42.0187 2584 sfdrv01 (4c0d673281178cb496011a2e28571fc8) C:\WINDOWS\system32\drivers\sfdrv01.sys
2011/06/17 19:26:42.0484 2584 sfdrv01a (4d0ce0fadca29e7da68ce597ac9010bd) C:\WINDOWS\system32\drivers\sfdrv01a.sys
2011/06/17 19:26:43.0031 2584 sfhlp02 (daad4c099ebf5094d32c373ac1ac0f3c) C:\WINDOWS\system32\drivers\sfhlp02.sys
2011/06/17 19:26:43.0328 2584 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/06/17 19:26:43.0609 2584 sfsync02 (6dc03269f4c71e4ab313c3597f42a340) C:\WINDOWS\system32\drivers\sfsync02.sys
2011/06/17 19:26:43.0906 2584 sfvfs02 (107b772690050d3b19cbc637ad8fd96e) C:\WINDOWS\system32\drivers\sfvfs02.sys
2011/06/17 19:26:44.0890 2584 splitter (8e186b8f23295d1e42c573b82b80d548) C:\WINDOWS\system32\drivers\splitter.sys
2011/06/17 19:26:45.0187 2584 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/06/17 19:26:45.0546 2584 Srv (20b7e396720353e4117d64d9dcb926ca) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/06/17 19:26:45.0906 2584 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/06/17 19:26:46.0187 2584 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
2011/06/17 19:26:47.0421 2584 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/06/17 19:26:47.0796 2584 Tcpip (9f4b36614a0fc234525ba224957de55c) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/06/17 19:26:48.0156 2584 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/06/17 19:26:48.0406 2584 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/06/17 19:26:48.0687 2584 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/06/17 19:26:49.0234 2584 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
2011/06/17 19:26:49.0562 2584 UnlockerDriver5 (bb879dcfd22926efbeb3298129898cbb) C:\Program Files\Unlocker\UnlockerDriver5.sys
2011/06/17 19:26:49.0890 2584 Update (aff2e5045961bbc0a602bb6f95eb1345) C:\WINDOWS\system32\DRIVERS\update.sys
2011/06/17 19:26:50.0218 2584 upperdev (7062ed67a10f1c83b2ab951736e24f11) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
2011/06/17 19:26:50.0515 2584 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/06/17 19:26:50.0796 2584 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/06/17 19:26:51.0078 2584 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/06/17 19:26:51.0343 2584 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/06/17 19:26:51.0609 2584 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/06/17 19:26:51.0875 2584 usbser (49106ee29074e6a3d3ac9e24c6d791d8) C:\WINDOWS\system32\drivers\usbser.sys
2011/06/17 19:26:52.0140 2584 UsbserFilt (b76d8039f5b595c4ca551b3d5dd15a98) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
2011/06/17 19:26:52.0406 2584 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/06/17 19:26:52.0671 2584 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/06/17 19:26:52.0937 2584 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
2011/06/17 19:26:53.0437 2584 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/06/17 19:26:53.0750 2584 vsdatant (43f1b56c72ea03cd646957d57203e31f) C:\WINDOWS\System32\vsdatant.sys
2011/06/17 19:26:54.0046 2584 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/06/17 19:26:54.0468 2584 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
2011/06/17 19:26:55.0109 2584 wdmaud (2797f33ebf50466020c430ee4f037933) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/06/17 19:26:55.0453 2584 WmBEnum (bc3ecbcb40147bdae3ad2fd0b4b346d8) C:\WINDOWS\system32\drivers\WmBEnum.sys
2011/06/17 19:26:55.0718 2584 WmFilter (19f9881d8b3484fedb605d0216876898) C:\WINDOWS\system32\drivers\WmFilter.sys
2011/06/17 19:26:56.0000 2584 WmVirHid (7a51545a6409a25eedbdbd97d019e8cc) C:\WINDOWS\system32\drivers\WmVirHid.sys
2011/06/17 19:26:56.0265 2584 WmXlCore (1f083b3bc73017e60c3ca85cf4a70753) C:\WINDOWS\system32\drivers\WmXlCore.sys
2011/06/17 19:26:56.0593 2584 WudfPf (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/06/17 19:26:56.0906 2584 WudfRd (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/06/17 19:26:57.0234 2584 yukonwxp (4fd408e42b3e516732e607bed06f39fb) C:\WINDOWS\system32\DRIVERS\yukonwxp.sys
2011/06/17 19:26:57.0359 2584 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
2011/06/17 19:26:57.0562 2584 ================================================================================
2011/06/17 19:26:57.0562 2584 Scan finished
2011/06/17 19:26:57.0562 2584 ================================================================================
2011/06/17 19:26:57.0578 3084 Detected object count: 1
2011/06/17 19:26:57.0578 3084 Actual detected object count: 1
2011/06/17 20:50:32.0937 3084 LockedFile.Multi.Generic(atapi) - User select action: Skip
-
Rudy
- Site Admin
- Příspěvky: 119405
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zaplňování systémového disku
Vraťme se k CF. Stáhněte přiložený soubor a rozbalte ho na plochu. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkaz ze skriptu.FCopy::
c:\documents and settings\mirek\Desktop\atapi.sys | c:\windows\system32\drivers\atapi.sys
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?