Slow PC startup - please check my log

Slow PC startup - please check my log

#1 Post by 13918 »

Please check my log. After power-on the PC "hangs" on the initial screen, which shows the motherboard logo and the line ..."press DEL" prompting entry into the BIOS. Nobody has done anything to the PC's hardware and nobody has changed anything in the BIOS. The PC starts after about 10-30 min.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Ferda Mravenec at 2011-10-15 12:03:52
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 209 GB (68%) free of 305 GB
Total RAM: 2047 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:04:05, on 15.10.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\Ferda Mravenec\Plocha\RSIT.exe
C:\Program Files\trend micro\Ferda Mravenec.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Family Tree Builder Update] G:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 8502 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-02-11 1246600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-06-30 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-06-30 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2008-03-01 1443072]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-25 98304]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [2005-07-23 172032]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2004-10-08 221184]
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2004-10-08 458752]
"LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2004-10-08 217088]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2005-09-25 155648]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"Family Tree Builder Update"=G:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2011-06-21 225280]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2011-08-10 1313640]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"LogitechSoftwareUpdate"=C:\Program Files\Logitech\Video\ManifestEngine.exe [2004-10-08 196608]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-09-24 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x91000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=lvcodec2.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave2"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer2"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll

======List of files/folders created in the last 1 month======

2011-10-15 12:03:52 ----D---- C:\rsit
2011-10-15 12:03:52 ----D---- C:\Program Files\trend micro
2011-10-08 14:35:55 ----D---- C:\Documents and Settings\Ferda Mravenec\Data aplikací\TVU Networks
2011-10-08 14:35:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\TVU Networks
2011-10-08 10:23:41 ----D---- C:\Program Files\WinXMedia
2011-10-01 11:54:48 ----D---- C:\Documents and Settings\Ferda Mravenec\Data aplikací\Babylon
2011-10-01 11:54:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\Babylon
2011-09-17 18:35:26 ----A---- C:\WINDOWS\system32\hidserv.dll
2011-09-17 18:29:19 ----D---- C:\Program Files\Microsoft IntelliType Pro
2011-09-17 17:05:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Easy Driver Pro
2011-09-17 15:52:07 ----D---- C:\Temp
2011-09-16 22:43:58 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2011-09-16 22:17:48 ----D---- C:\Documents and Settings\Ferda Mravenec\Data aplikací\Xilisoft
2011-09-16 22:17:13 ----D---- C:\Documents and Settings\Ferda Mravenec\Data aplikací\Toolbar4

======List of files/folders modified in the last 1 month======

2011-10-15 12:04:00 ----D---- C:\WINDOWS\Prefetch
2011-10-15 12:03:54 ----D---- C:\WINDOWS\Temp
2011-10-15 12:03:52 ----RD---- C:\Program Files
2011-10-15 11:19:25 ----AD---- C:\WINDOWS
2011-10-15 10:41:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-10-15 10:40:52 ----A---- C:\WINDOWS\NeroDigital.ini
2011-10-14 18:19:33 ----RSD---- C:\WINDOWS\assembly
2011-10-14 18:19:33 ----D---- C:\WINDOWS\Microsoft.NET
2011-10-13 14:56:30 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-10-13 14:56:30 ----D---- C:\WINDOWS\system32
2011-10-12 20:39:09 ----D---- C:\WINDOWS\Debug
2011-10-12 20:23:38 ----HD---- C:\WINDOWS\inf
2011-10-12 20:23:32 ----SHD---- C:\WINDOWS\Installer
2011-10-12 20:23:32 ----D---- C:\Config.Msi
2011-10-12 20:23:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-10-12 20:23:05 ----D---- C:\WINDOWS\WinSxS
2011-10-12 20:19:55 ----A---- C:\WINDOWS\system32\MRT.exe
2011-10-12 20:19:43 ----D---- C:\WINDOWS\system32\drivers
2011-10-12 20:19:40 ----HD---- C:\WINDOWS\$hf_mig$
2011-10-12 20:19:09 ----D---- C:\Program Files\Internet Explorer
2011-10-12 19:14:37 ----D---- C:\Program Files\Opera
2011-10-09 17:18:35 ----D---- C:\Documents and Settings\Ferda Mravenec\Data aplikací\Skype
2011-10-09 17:17:46 ----D---- C:\Documents and Settings\Ferda Mravenec\Data aplikací\skypePM
2011-10-08 15:59:58 ----D---- C:\Documents and Settings\Ferda Mravenec\Data aplikací\ICQ
2011-10-08 10:51:38 ----D---- C:\WINDOWS\system32\CatRoot2
2011-10-08 10:29:19 ----D---- C:\WINDOWS\system32\config
2011-10-03 10:31:24 ----A---- C:\WINDOWS\system32\mshtml.dll
2011-09-26 11:41:42 ----A---- C:\WINDOWS\system32\uiautomationcore.dll
2011-09-26 11:41:42 ----A---- C:\WINDOWS\system32\oleaccrc.dll
2011-09-26 11:41:20 ----A---- C:\WINDOWS\system32\oleacc.dll
2011-09-17 21:11:19 ----D---- C:\WINDOWS\security
2011-09-17 18:29:48 ----SD---- C:\WINDOWS\Tasks
2011-09-17 18:29:24 ----DC---- C:\WINDOWS\system32\DRVSTORE

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 a347bus;a347bus; C:\WINDOWS\system32\DRIVERS\a347bus.sys [2004-04-30 160640]
R0 a347scsi;a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys [2004-04-30 5248]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-04-17 642560]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-03-01 29704]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2008-03-01 54280]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-03-01 39944]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2008-03-01 71176]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-09-24 4481024]
R3 EL90XBC;3Com EtherLink XL 90XB/C Adapter Driver; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2008-03-01 30728]
R3 es1371;Creative AudioPCI (ES1371,ES1373) (WDM); C:\WINDOWS\system32\drivers\es1371mp.sys [2001-08-17 40704]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 CamDrL;Logitech QuickCam Pro 3000(CamDrl); C:\WINDOWS\system32\DRIVERS\Camdrl.sys [2004-10-08 326656]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 GT680xNT;ColorPage-Vivid 1200X; C:\WINDOWS\system32\drivers\gt680x.sys [2003-02-27 17376]
S3 h643331;h643331; C:\WINDOWS\system32\drivers\h643331.sys []
S3 hid3331;hid3331; C:\WINDOWS\system32\drivers\hid3331.sys [2008-05-19 41024]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2004-10-08 22016]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 vaxscsi;vaxscsi; C:\WINDOWS\System32\Drivers\vaxscsi.sys [2011-04-17 223128]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-09-24 602112]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-06-30 153376]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R2 UxTuneUp;TuneUp Design Expansion; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-09-25 593920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2008-03-01 19200]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: Slow PC startup - please check my log

#2 Post by 13918 »

For completeness I will add that if I put the PC into "Sleep" mode once it has booted, it wakes up from it without any delay.

Re: Slow PC startup - please check my log

#3 Post by motji »

Good evening :)

What did you install most recently?
I would also like to ask for the second log, named info.txt.

Re: Slow PC startup - please check my log

#4 Post by 13918 »

info.txt logfile of random's system information tool 1.09 2011-10-15 12:04:07

======Uninstall list======

-->MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
##CAMERADRIVERNAME##-->"C:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10o_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10x_Plugin.exe -maintain plugin
Adobe Reader 9.4.6 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A94000000001}
Age of Empires III-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}
Aktualizace systému Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2482017)-->"C:\WINDOWS\ie8updates\KB2482017-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2497640)-->"C:\WINDOWS\ie8updates\KB2497640-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2510531)-->"C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2530548)-->"C:\WINDOWS\ie8updates\KB2530548-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2544521)-->"C:\WINDOWS\ie8updates\KB2544521-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2559049)-->"C:\WINDOWS\ie8updates\KB2559049-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2586448)-->"C:\WINDOWS\ie8updates\KB2586448-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Catalyst Control Center - Branding-->MsiExec.exe /I{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Codec Pack - All In 1 6.0.3.0-->C:\WINDOWS\iun6002.exe "C:\Program Files\Codec Pack - All In 1\irunin.ini"
Command & Conquer Generals-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{06F80017-8F98-4C94-B868-52358569FC32}
DesetiPrsty5 5.2-->C:\Program Files\DesetiPrsty\pmqUnInstall.exe
Dream Cars-->"C:\Program Files\GameTop.com\Dream Cars\unins000.exe"
ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
ESET Smart Security-->MsiExec.exe /I{6ECB944F-D027-4E8A-9906-70E77C005AD5}
FlatOut2-->"F:\Program Files\FlatOut2\unins000.exe"
Ford Racing 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{797E03F8-C8A0-47ED-AA9F-D7076276E491}\setup.exe"
Genius Scanner-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CCEB2144-5F5D-49E8-AADC-05CA48AE9AA5}\setup.exe"
GTI Racing-->C:\Program Files\Techland\GTI Racing\uninstall.exe
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Deskjet 3740 Series-->rundll32 hpzcon10.dll,VendorJettison HP Deskjet 3740 Series
HP Deskjet 3740-->msiexec /x{F901CA6D-A074-42D3-A11D-33AAE6FFD0C1}
ICQ7.5-->"C:\Program Files\InstallShield Installation Information\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
Java(TM) 6 Update 26-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216026FF}
Logitech QuickCam Software-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x9
LS-USBMX 1/2/3 Steering Wheel W/Vibration-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DF77F53-B2A0-426E-A9C0-A1EF1CD9C17E}\setup.exe" -l0x9
Microsoft .NET Framework 1.1 Security Update (KB2572067)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2572067\M2572067Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}
Microsoft .NET Framework 4 Client Profile-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft .NET Framework 4 Extended CSY Language Pack-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\ExtendedLP\Setup.exe /repair /x86 /lcid 1029 /parameterfolder ExtendedLP
Microsoft .NET Framework 4 Extended CSY Language Pack-->MsiExec.exe /X{A2DE62D8-EF1B-36CB-B461-B1E221ED8608}
Microsoft .NET Framework 4 Extended-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{0A0CADCF-78DA-33C4-A350-CD51849B9702}
Microsoft IntelliType Pro 8.2-->msiexec.exe /I {9BD2DD45-8763-4F12-BDC6-958FCFEF0FCB}
Microsoft IntelliType Pro 8.2-->MsiExec.exe /X{9BD2DD45-8763-4F12-BDC6-958FCFEF0FCB}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server Compact 3.5 SP1 English-->MsiExec.exe /I{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{6AFCA4E1-9B78-3640-8F72-A7BF33448200}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MyHeritage Family Tree Builder-->G:\Program Files\MyHeritage\Bin\Uninstall.exe
Nero 7 Ultra Edition-->MsiExec.exe /I{4781569D-5404-1F26-4B2B-6DF444441031}
Opera 11.51-->"C:\Program Files\Opera\Opera.exe" /uninstall
Presto! PageManager-->C:\WINDOWS\uninst.exe -f"C:\Program Files\NewSoft\PageManager\DeIsL2.isu"
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x5 -removeonly
Rossmann Foto-Shop Software 4.9-->C:\Program Files\Rossmann Foto-Shop Software\Deinstalace.exe
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2478663)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7A2C18A1-D2A2-3177-82F1-5FE9CC08ECB0} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {42A3562E-8B4E-39A4-B82D-CC12F82889E3} /parameterfolder Extended
Skype Toolbars-->MsiExec.exe /I{A29549FD-65F3-440C-A552-6B8114CF319D}
Skype™ 5.1-->MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
The KMPlayer (remove only)-->"C:\Program Files\The KMPlayer\uninstall.exe"
Trainz Simulator 2009: World Builder Edition-->"G:\Program Files\Auran\TS2009\unins000.exe"
TRS2006-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5ED9E38C-9A96-49D8-89B3-92E278003FCF}\Setup.exe" -l0x5
TuneUp Utilities 2007-->MsiExec.exe /I{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD988F49-E1C8-3C84-9683-0448B6BB8E20} /parameterfolder Client
WinDjView 1.0.3-->C:\Program Files\WinDjView\uninstall.exe
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR-->C:\Program Files\WinRAR\uninstall.exe

======Security center information======

AV: ESET Smart Security 3.0
FW: ESET personal firewall

======System event log======

Computer Name: FERDA-B66A118AD
Event Code: 7036
Message: Stav služby Služba rozpoznávání pomocí protokolu SSDP byl změněn na: Spuštěno

Record Number: 11922
Source Name: Service Control Manager
Time Written: 20110903074739.000000+120
Event Type: Informace
User:

Computer Name: FERDA-B66A118AD
Event Code: 7036
Message: Stav služby Služba modelu COM pro zápis na disk CD (IMAPI) byl změněn na: Spuštěno

Record Number: 11921
Source Name: Service Control Manager
Time Written: 20110903074739.000000+120
Event Type: Informace
User:

Computer Name: FERDA-B66A118AD
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě Služba rozpoznávání pomocí protokolu SSDP úspěšně odeslán.

Record Number: 11920
Source Name: Service Control Manager
Time Written: 20110903074739.000000+120
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: FERDA-B66A118AD
Event Code: 7036
Message: Stav služby Sledování umístění v síti (NLA) byl změněn na: Spuštěno

Record Number: 11919
Source Name: Service Control Manager
Time Written: 20110903074739.000000+120
Event Type: Informace
User:

Computer Name: FERDA-B66A118AD
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě Sledování umístění v síti (NLA) úspěšně odeslán.

Record Number: 11918
Source Name: Service Control Manager
Time Written: 20110903074738.000000+120
Event Type: Informace
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: FERDA-B66A118AD
Event Code: 0
Message:
Record Number: 1080
Source Name: ICQ Service
Time Written: 20110707141132.000000+120
Event Type: Informace
User:

Computer Name: FERDA-B66A118AD
Event Code: 105
Message: The service was started.

Record Number: 1079
Source Name: ATI Smart
Time Written: 20110707141123.000000+120
Event Type: Informace
User:

Computer Name: FERDA-B66A118AD
Event Code: 1800
Message: Služba Centrum zabezpečení systému Windows byla spuštěna.

Record Number: 1078
Source Name: SecurityCenter
Time Written: 20110707094215.000000+120
Event Type: Informace
User:

Computer Name: FERDA-B66A118AD
Event Code: 0
Message:
Record Number: 1077
Source Name: ICQ Service
Time Written: 20110707094155.000000+120
Event Type: Informace
User:

Computer Name: FERDA-B66A118AD
Event Code: 105
Message: The service was started.

Record Number: 1076
Source Name: ATI Smart
Time Written: 20110707094146.000000+120
Event Type: Informace
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

13918
Visitor
Posts: 77
Registered: 06 Jan 2008 22:10

Re: Slow PC startup - please check my log

#5 Post by 13918 »

info.txt logfile of random's system information tool 1.09 2011-10-15 12:04:07

13918
Visitor
Posts: 77
Registered: 06 Jan 2008 22:10

Re: Slow PC startup - please check my log

#6 Post by 13918 »

info.txt logfile of random's system information tool 1.09 2011-10-15 12:04:07

======Uninstall list======

-->MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
##CAMERADRIVERNAME##-->"C:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10o_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10x_Plugin.exe -maintain plugin
Adobe Reader 9.4.6 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A94000000001}
Age of Empires III-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}
Aktualizace systému Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2482017)-->"C:\WINDOWS\ie8updates\KB2482017-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2497640)-->"C:\WINDOWS\ie8updates\KB2497640-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2510531)-->"C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2530548)-->"C:\WINDOWS\ie8updates\KB2530548-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2544521)-->"C:\WINDOWS\ie8updates\KB2544521-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2559049)-->"C:\WINDOWS\ie8updates\KB2559049-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2586448)-->"C:\WINDOWS\ie8updates\KB2586448-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Catalyst Control Center - Branding-->MsiExec.exe /I{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Codec Pack - All In 1 6.0.3.0-->C:\WINDOWS\iun6002.exe "C:\Program Files\Codec Pack - All In 1\irunin.ini"
Command & Conquer Generals-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{06F80017-8F98-4C94-B868-52358569FC32}
DesetiPrsty5 5.2-->C:\Program Files\DesetiPrsty\pmqUnInstall.exe
Dream Cars-->"C:\Program Files\GameTop.com\Dream Cars\unins000.exe"
ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
ESET Smart Security-->MsiExec.exe /I{6ECB944F-D027-4E8A-9906-70E77C005AD5}
FlatOut2-->"F:\Program Files\FlatOut2\unins000.exe"
Ford Racing 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{797E03F8-C8A0-47ED-AA9F-D7076276E491}\setup.exe"
Genius Scanner-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CCEB2144-5F5D-49E8-AADC-05CA48AE9AA5}\setup.exe"
GTI Racing-->C:\Program Files\Techland\GTI Racing\uninstall.exe
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Deskjet 3740 Series-->rundll32 hpzcon10.dll,VendorJettison HP Deskjet 3740 Series
HP Deskjet 3740-->msiexec /x{F901CA6D-A074-42D3-A11D-33AAE6FFD0C1}
ICQ7.5-->"C:\Program Files\InstallShield Installation Information\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
Java(TM) 6 Update 26-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216026FF}
Logitech QuickCam Software-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x9
LS-USBMX 1/2/3 Steering Wheel W/Vibration-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DF77F53-B2A0-426E-A9C0-A1EF1CD9C17E}\setup.exe" -l0x9
Microsoft .NET Framework 1.1 Security Update (KB2572067)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2572067\M2572067Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}
Microsoft .NET Framework 4 Client Profile-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft .NET Framework 4 Extended CSY Language Pack-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\ExtendedLP\Setup.exe /repair /x86 /lcid 1029 /parameterfolder ExtendedLP
Microsoft .NET Framework 4 Extended CSY Language Pack-->MsiExec.exe /X{A2DE62D8-EF1B-36CB-B461-B1E221ED8608}
Microsoft .NET Framework 4 Extended-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{0A0CADCF-78DA-33C4-A350-CD51849B9702}
Microsoft IntelliType Pro 8.2-->msiexec.exe /I {9BD2DD45-8763-4F12-BDC6-958FCFEF0FCB}
Microsoft IntelliType Pro 8.2-->MsiExec.exe /X{9BD2DD45-8763-4F12-BDC6-958FCFEF0FCB}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server Compact 3.5 SP1 English-->MsiExec.exe /I{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{6AFCA4E1-9B78-3640-8F72-A7BF33448200}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MyHeritage Family Tree Builder-->G:\Program Files\MyHeritage\Bin\Uninstall.exe
Nero 7 Ultra Edition-->MsiExec.exe /I{4781569D-5404-1F26-4B2B-6DF444441031}
Opera 11.51-->"C:\Program Files\Opera\Opera.exe" /uninstall
Presto! PageManager-->C:\WINDOWS\uninst.exe -f"C:\Program Files\NewSoft\PageManager\DeIsL2.isu"
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x5 -removeonly
Rossmann Foto-Shop Software 4.9-->C:\Program Files\Rossmann Foto-Shop Software\Deinstalace.exe
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2478663)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7A2C18A1-D2A2-3177-82F1-5FE9CC08ECB0} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {42A3562E-8B4E-39A4-B82D-CC12F82889E3} /parameterfolder Extended
Skype Toolbars-->MsiExec.exe /I{A29549FD-65F3-440C-A552-6B8114CF319D}
Skype™ 5.1-->MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
The KMPlayer (remove only)-->"C:\Program Files\The KMPlayer\uninstall.exe"
Trainz Simulator 2009: World Builder Edition-->"G:\Program Files\Auran\TS2009\unins000.exe"
TRS2006-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5ED9E38C-9A96-49D8-89B3-92E278003FCF}\Setup.exe" -l0x5
TuneUp Utilities 2007-->MsiExec.exe /I{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD988F49-E1C8-3C84-9683-0448B6BB8E20} /parameterfolder Client
WinDjView 1.0.3-->C:\Program Files\WinDjView\uninstall.exe
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR-->C:\Program Files\WinRAR\uninstall.exe

======Security center information======

AV: ESET Smart Security 3.0
FW: ESET personal firewall

======System event log======

Computer Name: FERDA-B66A118AD
Event Code: 7036
Message: Stav služby Služba rozpoznávání pomocí protokolu SSDP byl změněn na: Spuštěno

Record Number: 11922
Source Name: Service Control Manager
Time Written: 20110903074739.000000+120
Event Type: Informace
User:

Computer Name: FERDA-B66A118AD
Event Code: 7036
Message: Stav služby Služba modelu COM pro zápis na disk CD (IMAPI) byl změněn na: Spuštěno

Record Number: 11921
Source Name: Service Control Manager
Time Written: 20110903074739.000000+120
Event Type: Informace
User:

Computer Name: FERDA-B66A118AD
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě Služba rozpoznávání pomocí protokolu SSDP úspěšně odeslán.

Record Number: 11920
Source Name: Service Control Manager
Time Written: 20110903074739.000000+120
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: FERDA-B66A118AD
Event Code: 7036
Message: Stav služby Sledování umístění v síti (NLA) byl změněn na: Spuštěno

Record Number: 11919
Source Name: Service Control Manager
Time Written: 20110903074739.000000+120
Event Type: Informace
User:

Computer Name: FERDA-B66A118AD
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě Sledování umístění v síti (NLA) úspěšně odeslán.

Record Number: 11918
Source Name: Service Control Manager
Time Written: 20110903074738.000000+120
Event Type: Informace
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: FERDA-B66A118AD
Event Code: 0
Message:
Record Number: 1080
Source Name: ICQ Service
Time Written: 20110707141132.000000+120
Event Type: Informace
User:

Computer Name: FERDA-B66A118AD
Event Code: 105
Message: The service was started.

Record Number: 1079
Source Name: ATI Smart
Time Written: 20110707141123.000000+120
Event Type: Informace
User:

Computer Name: FERDA-B66A118AD
Event Code: 1800
Message: Služba Centrum zabezpečení systému Windows byla spuštěna.

Record Number: 1078
Source Name: SecurityCenter
Time Written: 20110707094215.000000+120
Event Type: Informace
User:

Computer Name: FERDA-B66A118AD
Event Code: 0
Message:
Record Number: 1077
Source Name: ICQ Service
Time Written: 20110707094155.000000+120
Event Type: Informace
User:

Computer Name: FERDA-B66A118AD
Event Code: 105
Message: The service was started.

Record Number: 1076
Source Name: ATI Smart
Time Written: 20110707094146.000000+120
Event Type: Informace
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

13918
Visitor
Posts: 77
Registered: 06 Jan 2008 22:10

Re: Slow PC startup - please check my log

#7 Post by 13918 »

Sorry, the posting somehow got out of hand.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Slow PC startup - please check my log

#8 Post by motji »

:arrow: Plug into the PC all the USB sticks, flash drives... that you use

:!: Back up your important data, just to be safe :)

:arrow: Download to the desktop, close all active windows and run ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

- ComboFix must be run under an account with administrator rights

- Before use, turn off all resident security programs - antiviruses, firewalls, antispyware

- After launch, the terms of use are displayed; confirm them by pressing the Ano (Yes) button

- Then follow the instructions; while ComboFix is running, do not click into the window that appears :!:

- After the scan finishes, which takes at most 10 minutes, the program should create a log - C:\ComboFix.txt; copy its entire contents here
Do not use COMBOFIX without a helper's recommendation; it can damage the system!
Always back up important data before disinfecting a computer :!:
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can write to me by email at Motji(zavináč)forum.viry.cz.

13918
Visitor
Posts: 77
Registered: 06 Jan 2008 22:10

Re: Slow PC startup - please check my log

#9 Post by 13918 »

Since I use about 5 USB flash drives that I don't currently have with me, I couldn't connect them.


ComboFix 11-10-15.04 - Ferda Mravenec 15.10.2011 20:15:51.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1473 [GMT 2:00]
Spuštěný z: c:\documents and settings\Ferda Mravenec\Plocha\ComboFix.exe
AV: ESET Smart Security 3.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
ADS - WINDOWS: deleted 24 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Ferda Mravenec\WINDOWS
c:\windows\ehome\medctrro.exe
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\ctfmon(2).exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-15 do 2011-10-15 )))))))))))))))))))))))))))))))
.
.
2011-10-15 10:03 . 2011-10-15 10:04 -------- d-----w- C:\rsit
2011-10-15 10:03 . 2011-10-15 10:04 -------- d-----w- c:\program files\trend micro
2011-10-08 12:35 . 2011-10-08 12:35 -------- d-----w- c:\documents and settings\Ferda Mravenec\Data aplikací\TVU Networks
2011-10-08 12:35 . 2011-10-08 12:35 -------- d-----w- c:\documents and settings\Ferda Mravenec\Local Settings\Data aplikací\TVU Networks
2011-10-08 12:35 . 2011-10-08 12:35 -------- d-----w- c:\documents and settings\All Users\Data aplikací\TVU Networks
2011-10-08 12:35 . 2011-10-08 12:35 -------- d-----w- c:\documents and settings\Ferda Mravenec\LocalLow
2011-10-08 08:23 . 2011-10-08 08:25 -------- d-----w- c:\program files\WinXMedia
2011-10-01 09:54 . 2011-10-01 09:54 -------- d-----w- c:\documents and settings\Ferda Mravenec\Local Settings\Data aplikací\Babylon
2011-10-01 09:54 . 2011-10-01 09:54 -------- d-----w- c:\documents and settings\Ferda Mravenec\Data aplikací\Babylon
2011-10-01 09:54 . 2011-10-01 09:54 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Babylon
2011-09-17 16:35 . 2008-04-14 06:51 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2011-09-17 16:35 . 2008-04-14 06:51 21504 ----a-w- c:\windows\system32\hidserv.dll
2011-09-17 16:29 . 2011-09-17 16:29 -------- d-----w- c:\program files\Microsoft IntelliType Pro
2011-09-17 15:05 . 2011-09-17 15:05 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Easy Driver Pro
2011-09-17 13:52 . 2011-09-17 13:52 -------- d-----w- C:\Temp
2011-09-16 20:43 . 2008-12-04 19:46 180224 ----a-w- c:\windows\system32\xvidvfw.dll
2011-09-16 20:17 . 2011-09-16 20:17 -------- d-----w- c:\documents and settings\Ferda Mravenec\Local Settings\Data aplikací\Xilisoft
2011-09-16 20:17 . 2011-09-16 20:17 -------- d-----w- c:\documents and settings\Ferda Mravenec\Data aplikací\Xilisoft
2011-09-16 20:17 . 2011-09-17 13:56 -------- d-----w- c:\documents and settings\Ferda Mravenec\Data aplikací\Toolbar4
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-01 06:54 . 2011-05-14 08:54 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 09:41 . 2010-03-18 09:09 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2001-10-25 15:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2001-10-25 15:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-09 09:12 . 2004-08-17 15:49 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 14:10 . 2004-08-17 15:44 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-22 23:41 . 2004-08-17 15:49 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:41 . 2004-08-17 15:49 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-08-22 23:41 . 2004-08-17 15:49 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-22 11:56 . 2004-08-17 15:44 385024 ----a-w- c:\windows\system32\html.iec
2011-08-17 13:49 . 2004-08-03 23:14 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-07-23 13:46 . 2011-07-23 13:46 4608 ----a-w- c:\windows\system32\w95inf32.dll
2011-07-23 13:46 . 2011-07-23 13:46 2272 ----a-w- c:\windows\system32\w95inf16.dll
2011-04-18 14:01 . 2011-04-18 13:30 1308851200 ----a-w- c:\program files\4Story_CZ_3.5.55.exe
2011-04-18 13:29 . 2011-04-18 13:29 344848 ----a-w- c:\program files\Downloader_4Story_CZ_3.5.55.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[-] 2008-04-13 23:10 . !HASH: COULD NOT OPEN FILE !!!!! . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2004-10-08 196608]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-03-01 1443072]
"SoundMan"="SOUNDMAN.EXE" [2006-11-17 577536]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-25 98304]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 241664]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2005-07-23 172032]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2004-10-08 221184]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2004-10-08 458752]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2004-10-08 217088]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2005-09-25 155648]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"Family Tree Builder Update"="g:\program files\MyHeritage\Bin\FTBCheckUpdates.exe" [2011-06-21 225280]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1313640]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
.
R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [23.4.2011 21:37 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [23.4.2011 21:37 5248]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [17.4.2011 14:59 642560]
R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [21.12.2007 9:21 468224]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 14:16 130384]
S3 GT680xNT;ColorPage-Vivid 1200X;c:\windows\system32\drivers\Gt680x.sys [2.8.2011 17:49 17376]
S3 h643331;h643331;c:\windows\system32\drivers\h643331.sys --> c:\windows\system32\drivers\h643331.sys [?]
S3 hid3331;hid3331;c:\windows\system32\drivers\Hid3331.sys [16.4.2011 9:33 41024]
S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys [17.4.2011 15:01 223128]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 14:16 753504]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-14 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe [2006-12-19 13:13]
.
2011-09-17 c:\windows\Tasks\Microsoft_Hardware_Launch_IType_exe.job
- c:\program files\Microsoft IntelliType Pro\itype.exe [2011-08-10 14:39]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-15 20:19
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(864)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2011-10-15 20:20:31
ComboFix-quarantined-files.txt 2011-10-15 18:20
.
Před spuštěním: Volných bajtů: 218 502 832 128
Po spuštění: Volných bajtů: 218 567 102 464
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 5E5AE84D8381A6E9D4D4552A0F536322

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Slow PC startup - please check my log

#10 Post by motji »

It looks like your atapi system file is infected.

:arrow: Download TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
- and save it to the desktop.
- double-click the program icon and run it
- choose the Spustit kontrolu (Start scan) option - then confirm Start scan
- if the program finds an infected file, it will show you the preselected action Cure; in that case confirm with the Continue button
- if the program wants to restart the computer, click the Reboot Now button
- if it does not request a restart, click the Report button. A log should pop up; copy the contents of the log into your topic.
- if the log is not displayed, it is saved in your root directory.
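The Sigcheck section of the ComboFix log in post #9 is where atapi.sys stands out: the live driver could not be opened for hashing, while its backup copies hashed normally. As an added example (not part of the thread and not ComboFix's own code), this Python script parses that section and flags such files; the line layout is inferred from the three lines in this log, and the function names and backup-directory markers are assumptions.

```python
import re
from collections import defaultdict

# The Sigcheck lines from the ComboFix log in post #9, copied verbatim.
SAMPLE = r"""
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[-] 2008-04-13 23:10 . !HASH: COULD NOT OPEN FILE !!!!! . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
.
"""

# Layout inferred from those lines (an assumption, not a published format):
# [flag] date [time] . MD5-or-error . size . . [version] . . path
LINE = re.compile(
    r"^\[(?P<flag>.)\]\s+(?P<date>\d{4}-\d{2}-\d{2})(?:\s+\d{2}:\d{2})?"
    r"\s+\.\s+(?P<md5>.+?)\s+\.\s+(?P<size>\d+)\s+\.\s+\.\s+"
    r"\[(?P<version>[^\]]*)\]\s+\.\s+\.\s+(?P<path>.+)$"
)
MD5 = re.compile(r"^[0-9A-Fa-f]{32}$")

# Directories treated as reference/backup copies (assumed list for Windows XP).
BACKUP_MARKERS = (
    "\\servicepackfiles\\",
    "\\$ntservicepackuninstall$\\",
    "\\dllcache\\",
)


def is_backup(path):
    """True if the path lies in one of the backup directories listed above."""
    lowered = path.lower()
    return any(marker in lowered for marker in BACKUP_MARKERS)


def parse_sigcheck(log_text):
    """Return one dict per file line found in the Sigcheck section."""
    entries, in_section = [], False
    for raw in log_text.splitlines():
        line = raw.strip()
        if line.startswith("------- Sigcheck"):
            in_section = True
            continue
        if in_section and line.startswith("(((("):
            break  # the next ComboFix section header ends Sigcheck
        match = LINE.match(line) if in_section else None
        if not match:
            continue
        digest = match.group("md5")
        readable = bool(MD5.match(digest))
        entries.append({
            "flag": match.group("flag"),
            "md5": digest.upper() if readable else None,
            "error": None if readable else digest,
            "size": int(match.group("size")),
            "version": match.group("version"),
            "path": match.group("path"),
        })
    return entries


def triage(entries):
    """Flag live files that are unreadable or differ from every backup copy."""
    by_name = defaultdict(list)
    for entry in entries:
        by_name[entry["path"].rsplit("\\", 1)[-1].lower()].append(entry)

    findings = []
    for name, copies in sorted(by_name.items()):
        live = [c for c in copies if not is_backup(c["path"])]
        refs = [c for c in copies if is_backup(c["path"]) and c["md5"]]
        ref_hashes = {c["md5"] for c in refs}
        for copy in live:
            if copy["md5"] is None:
                status = "unreadable"   # the file could not be opened for hashing
            elif refs and copy["md5"] not in ref_hashes:
                status = "differs"      # hashed, but matches no backup copy
            else:
                continue
            findings.append({
                "file": name,
                "path": copy["path"],
                "status": status,
                # Backup hashes with the same size: what a clean copy would hash to.
                "same_size_reference_md5": sorted(
                    r["md5"] for r in refs if r["size"] == copy["size"]
                ),
            })
    return findings


if __name__ == "__main__":
    for finding in triage(parse_sigcheck(SAMPLE)):
        print(finding)
```

A flagged entry is a lead for a dedicated rootkit scan, which is the step post #10 asks for, not a verdict on its own.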

13918
Visitor
Posts: 77
Registered: 06 Jan 2008 22:10

Re: Slow PC startup - please check my log

#11 Post by 13918 »

21:38:49.0781 2288 TDSS rootkit removing tool 2.6.9.0 Oct 14 2011 11:33:24
21:38:50.0593 2288 ============================================================
21:38:50.0593 2288 Current date / time: 2011/10/15 21:38:50.0593
21:38:50.0593 2288 SystemInfo:
21:38:50.0593 2288
21:38:50.0593 2288 OS Version: 5.1.2600 ServicePack: 3.0
21:38:50.0593 2288 Product type: Workstation
21:38:50.0593 2288 ComputerName: FERDA-B66A118AD
21:38:50.0593 2288 UserName: Ferda Mravenec
21:38:50.0593 2288 Windows directory: C:\WINDOWS
21:38:50.0593 2288 System windows directory: C:\WINDOWS
21:38:50.0593 2288 Processor architecture: Intel x86
21:38:50.0593 2288 Number of processors: 1
21:38:50.0593 2288 Page size: 0x1000
21:38:50.0593 2288 Boot type: Normal boot
21:38:50.0593 2288 ============================================================
21:38:52.0171 2288 Initialize success
21:38:55.0500 1356 ============================================================
21:38:55.0500 1356 Scan started
21:38:55.0500 1356 Mode: Manual;
21:38:55.0500 1356 ============================================================
21:38:56.0515 1356 a347bus (1f61cacacb521215f39061789147968c) C:\WINDOWS\system32\DRIVERS\a347bus.sys
21:38:56.0515 1356 a347bus - ok
21:38:56.0546 1356 a347scsi (113e4b318bbaa7483ca4e582a4d63f49) C:\WINDOWS\system32\Drivers\a347scsi.sys
21:38:56.0562 1356 a347scsi - ok
21:38:56.0578 1356 Abiosdsk - ok
21:38:56.0593 1356 abp480n5 - ok
21:38:56.0625 1356 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:38:56.0656 1356 ACPI - ok
21:38:56.0687 1356 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
21:38:56.0703 1356 ACPIEC - ok
21:38:56.0718 1356 adpu160m - ok
21:38:56.0734 1356 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
21:38:56.0765 1356 aec - ok
21:38:56.0796 1356 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
21:38:56.0796 1356 AFD - ok
21:38:56.0812 1356 Aha154x - ok
21:38:56.0828 1356 aic78u2 - ok
21:38:56.0843 1356 aic78xx - ok
21:38:56.0968 1356 ALCXWDM (f3e15607ba53249c765e36388b332c2f) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
21:38:57.0000 1356 ALCXWDM - ok
21:38:57.0062 1356 AliIde - ok
21:38:57.0078 1356 amsint - ok
21:38:57.0109 1356 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
21:38:57.0125 1356 Arp1394 - ok
21:38:57.0140 1356 asc - ok
21:38:57.0156 1356 asc3350p - ok
21:38:57.0171 1356 asc3550 - ok
21:38:57.0312 1356 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:38:57.0328 1356 AsyncMac - ok
21:38:57.0375 1356 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
21:38:57.0375 1356 Suspicious file (NoAccess): C:\WINDOWS\system32\DRIVERS\atapi.sys. md5: 9f3a2f5aa6875c72bf062c712cfa2674
21:38:57.0375 1356 atapi ( LockedFile.Multi.Generic ) - warning
21:38:57.0375 1356 atapi - detected LockedFile.Multi.Generic (1)
21:38:57.0390 1356 Atdisk - ok
21:38:57.0531 1356 ati2mtag (7a95a5f3ed40a3b6f1275821553f3f4f) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
21:38:57.0562 1356 ati2mtag - ok
21:38:57.0640 1356 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:38:57.0671 1356 Atmarpc - ok
21:38:57.0718 1356 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
21:38:57.0734 1356 audstub - ok
21:38:57.0765 1356 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
21:38:57.0796 1356 Beep - ok
21:38:57.0828 1356 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
21:38:57.0843 1356 BthEnum - ok
21:38:57.0859 1356 BTHMODEM (fca6f069597b62d42495191ace3fc6c1) C:\WINDOWS\system32\DRIVERS\bthmodem.sys
21:38:57.0875 1356 BTHMODEM - ok
21:38:57.0890 1356 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
21:38:57.0921 1356 BthPan - ok
21:38:57.0937 1356 BTHPORT (f338662a6c1fc11dd9508f6dff2c06a2) C:\WINDOWS\system32\Drivers\BTHport.sys
21:38:57.0937 1356 BTHPORT - ok
21:38:57.0953 1356 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
21:38:57.0984 1356 BTHUSB - ok
21:38:58.0000 1356 CamDrL (cba8bce5bf67a3c619d5ce540bed9cf7) C:\WINDOWS\system32\DRIVERS\Camdrl.sys
21:38:58.0015 1356 CamDrL - ok
21:38:58.0078 1356 catchme - ok
21:38:58.0109 1356 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
21:38:58.0125 1356 cbidf2k - ok
21:38:58.0156 1356 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
21:38:58.0171 1356 CCDECODE - ok
21:38:58.0187 1356 cd20xrnt - ok
21:38:58.0203 1356 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
21:38:58.0218 1356 Cdaudio - ok
21:38:58.0250 1356 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
21:38:58.0265 1356 Cdfs - ok
21:38:58.0281 1356 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:38:58.0296 1356 Cdrom - ok
21:38:58.0312 1356 Changer - ok
21:38:58.0343 1356 CmdIde - ok
21:38:58.0375 1356 Cpqarray - ok
21:38:58.0390 1356 dac2w2k - ok
21:38:58.0406 1356 dac960nt - ok
21:38:58.0437 1356 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
21:38:58.0453 1356 Disk - ok
21:38:58.0515 1356 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
21:38:58.0546 1356 dmboot - ok
21:38:58.0562 1356 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
21:38:58.0593 1356 dmio - ok
21:38:58.0593 1356 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
21:38:58.0640 1356 dmload - ok
21:38:58.0671 1356 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
21:38:58.0671 1356 DMusic - ok
21:38:58.0687 1356 dpti2o - ok
21:38:58.0718 1356 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
21:38:58.0734 1356 drmkaud - ok
21:38:58.0765 1356 eamon (cb2c172cceac6dfb4576c6fb884d2520) C:\WINDOWS\system32\DRIVERS\eamon.sys
21:38:58.0781 1356 eamon - ok
21:38:58.0812 1356 easdrv (4a9915fbbfe68668f4b6b1630dd90886) C:\WINDOWS\system32\DRIVERS\easdrv.sys
21:38:58.0812 1356 easdrv - ok
21:38:58.0859 1356 EL90XBC (6e883bf518296a40959131c2304af714) C:\WINDOWS\system32\DRIVERS\el90xbc5.sys
21:38:58.0859 1356 EL90XBC - ok
21:38:58.0875 1356 epfw (b767f50ee389c005f0f158dc46e9b1c8) C:\WINDOWS\system32\DRIVERS\epfw.sys
21:38:58.0890 1356 epfw - ok
21:38:58.0906 1356 Epfwndis (b1161889d07b6cbfa8e66e0675f6a10a) C:\WINDOWS\system32\DRIVERS\Epfwndis.sys
21:38:58.0906 1356 Epfwndis - ok
21:38:58.0937 1356 epfwtdi (f94c67f39716ed0aaccb111d10576d5d) C:\WINDOWS\system32\DRIVERS\epfwtdi.sys
21:38:58.0953 1356 epfwtdi - ok
21:38:58.0984 1356 es1371 (a55dd7d8ced5d2624a9ee2dda7be0319) C:\WINDOWS\system32\drivers\es1371mp.sys
21:38:59.0015 1356 es1371 - ok
21:38:59.0046 1356 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
21:38:59.0062 1356 Fastfat - ok
21:38:59.0093 1356 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
21:38:59.0109 1356 Fdc - ok
21:38:59.0140 1356 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
21:38:59.0156 1356 Fips - ok
21:38:59.0171 1356 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
21:38:59.0203 1356 Flpydisk - ok
21:38:59.0218 1356 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
21:38:59.0234 1356 FltMgr - ok
21:38:59.0281 1356 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:38:59.0296 1356 Fs_Rec - ok
21:38:59.0312 1356 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:38:59.0328 1356 Ftdisk - ok
21:38:59.0359 1356 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
21:38:59.0359 1356 gameenum - ok
21:38:59.0390 1356 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:38:59.0406 1356 Gpc - ok
21:38:59.0421 1356 GT680xNT (0827f8a536e7e33393308eae4285e1e3) C:\WINDOWS\system32\drivers\gt680x.sys
21:38:59.0453 1356 GT680xNT - ok
21:38:59.0453 1356 h643331 - ok
21:38:59.0484 1356 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:38:59.0515 1356 HDAudBus - ok
21:38:59.0578 1356 hid3331 (6f21bff46363793c8120f8e7ceb2da40) C:\WINDOWS\system32\drivers\hid3331.sys
21:38:59.0609 1356 hid3331 - ok
21:38:59.0656 1356 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:38:59.0671 1356 hidusb - ok
21:38:59.0687 1356 hpn - ok
21:38:59.0718 1356 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys
21:38:59.0734 1356 HTTP - ok
21:38:59.0765 1356 i2omgmt - ok
21:38:59.0781 1356 i2omp - ok
21:38:59.0796 1356 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:38:59.0812 1356 i8042prt - ok
21:38:59.0828 1356 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
21:38:59.0843 1356 Imapi - ok
21:38:59.0875 1356 InCDFs - ok
21:38:59.0890 1356 InCDPass - ok
21:38:59.0906 1356 InCDRm - ok
21:38:59.0921 1356 ini910u - ok
21:38:59.0937 1356 IntelIde - ok
21:38:59.0953 1356 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
21:38:59.0984 1356 Ip6Fw - ok
21:39:00.0000 1356 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:39:00.0046 1356 IpFilterDriver - ok
21:39:00.0062 1356 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:39:00.0078 1356 IpInIp - ok
21:39:00.0093 1356 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:39:00.0109 1356 IpNat - ok
21:39:00.0125 1356 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:39:00.0156 1356 IPSec - ok
21:39:00.0171 1356 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
21:39:00.0203 1356 IRENUM - ok
21:39:00.0218 1356 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:39:00.0234 1356 isapnp - ok
21:39:00.0281 1356 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:39:00.0296 1356 Kbdclass - ok
21:39:00.0312 1356 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:39:00.0328 1356 kbdhid - ok
21:39:00.0359 1356 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
21:39:00.0359 1356 kmixer - ok
21:39:00.0375 1356 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
21:39:00.0390 1356 KSecDD - ok
21:39:00.0421 1356 lbrtfdc - ok
21:39:00.0484 1356 LVUSBSta (90259f3a20fbaec1a08d74ef5415b9d8) C:\WINDOWS\system32\drivers\lvusbsta.sys
21:39:00.0484 1356 LVUSBSta - ok
21:39:00.0531 1356 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
21:39:00.0562 1356 mnmdd - ok
21:39:00.0609 1356 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
21:39:00.0625 1356 Modem - ok
21:39:00.0640 1356 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:39:00.0656 1356 Mouclass - ok
21:39:00.0703 1356 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:39:00.0734 1356 mouhid - ok
21:39:00.0750 1356 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
21:39:00.0750 1356 MountMgr - ok
21:39:00.0765 1356 mraid35x - ok
21:39:00.0781 1356 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:39:00.0828 1356 MRxDAV - ok
21:39:00.0859 1356 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:39:00.0875 1356 MRxSmb - ok
21:39:00.0921 1356 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
21:39:00.0937 1356 Msfs - ok
21:39:00.0968 1356 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:39:00.0984 1356 MSKSSRV - ok
21:39:01.0015 1356 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:39:01.0031 1356 MSPCLOCK - ok
21:39:01.0062 1356 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
21:39:01.0078 1356 MSPQM - ok
21:39:01.0109 1356 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:39:01.0140 1356 mssmbios - ok
21:39:01.0187 1356 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
21:39:01.0203 1356 MSTEE - ok
21:39:01.0234 1356 ms_mpu401 (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys
21:39:01.0250 1356 ms_mpu401 - ok
21:39:01.0296 1356 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
21:39:01.0312 1356 Mup - ok
21:39:01.0359 1356 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
21:39:01.0375 1356 NABTSFEC - ok
21:39:01.0437 1356 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
21:39:01.0437 1356 NDIS - ok
21:39:01.0484 1356 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
21:39:01.0500 1356 NdisIP - ok
21:39:01.0531 1356 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:39:01.0546 1356 NdisTapi - ok
21:39:01.0593 1356 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:39:01.0609 1356 Ndisuio - ok
21:39:01.0625 1356 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:39:01.0640 1356 NdisWan - ok
21:39:01.0671 1356 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
21:39:01.0687 1356 NDProxy - ok
21:39:01.0734 1356 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
21:39:01.0750 1356 NetBIOS - ok
21:39:01.0781 1356 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
21:39:01.0812 1356 NetBT - ok
21:39:01.0859 1356 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
21:39:01.0875 1356 NIC1394 - ok
21:39:01.0906 1356 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
21:39:01.0921 1356 Npfs - ok
21:39:01.0953 1356 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
21:39:01.0984 1356 Ntfs - ok
21:39:02.0031 1356 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
21:39:02.0046 1356 Null - ok
21:39:02.0078 1356 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:39:02.0093 1356 NwlnkFlt - ok
21:39:02.0125 1356 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:39:02.0140 1356 NwlnkFwd - ok
21:39:02.0156 1356 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
21:39:02.0187 1356 ohci1394 - ok
21:39:02.0234 1356 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
21:39:02.0250 1356 Parport - ok
21:39:02.0265 1356 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
21:39:02.0281 1356 PartMgr - ok
21:39:02.0296 1356 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
21:39:02.0328 1356 ParVdm - ok
21:39:02.0343 1356 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
21:39:02.0359 1356 PCI - ok
21:39:02.0375 1356 PCIDump - ok
21:39:02.0390 1356 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
21:39:02.0421 1356 PCIIde - ok
21:39:02.0453 1356 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
21:39:02.0484 1356 Pcmcia - ok
21:39:02.0500 1356 PDCOMP - ok
21:39:02.0515 1356 PDFRAME - ok
21:39:02.0531 1356 PDRELI - ok
21:39:02.0546 1356 PDRFRAME - ok
21:39:02.0562 1356 perc2 - ok
21:39:02.0578 1356 perc2hib - ok
21:39:02.0640 1356 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:39:02.0671 1356 PptpMiniport - ok
21:39:02.0718 1356 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
21:39:02.0734 1356 Processor - ok
21:39:02.0765 1356 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
21:39:02.0796 1356 PSched - ok
21:39:02.0828 1356 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:39:02.0843 1356 Ptilink - ok
21:39:02.0859 1356 ql1080 - ok
21:39:02.0875 1356 Ql10wnt - ok
21:39:02.0890 1356 ql12160 - ok
21:39:02.0906 1356 ql1240 - ok
21:39:02.0906 1356 ql1280 - ok
21:39:02.0921 1356 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:39:02.0937 1356 RasAcd - ok
21:39:02.0953 1356 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:39:02.0984 1356 Rasl2tp - ok
21:39:03.0015 1356 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:39:03.0031 1356 RasPppoe - ok
21:39:03.0062 1356 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
21:39:03.0078 1356 Raspti - ok
21:39:03.0125 1356 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:39:03.0187 1356 Rdbss - ok
21:39:03.0203 1356 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:39:03.0234 1356 RDPCDD - ok
21:39:03.0281 1356 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:39:03.0296 1356 rdpdr - ok
21:39:03.0343 1356 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
21:39:03.0359 1356 RDPWD - ok
21:39:03.0390 1356 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
21:39:03.0406 1356 redbook - ok
21:39:03.0468 1356 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
21:39:03.0484 1356 RFCOMM - ok
21:39:03.0593 1356 Secdrv (ba0d892d2f786bcebdf03b0a252b47f3) C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:39:03.0609 1356 Secdrv - ok
21:39:03.0640 1356 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
21:39:03.0656 1356 serenum - ok
21:39:03.0687 1356 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
21:39:03.0734 1356 Serial - ok
21:39:03.0781 1356 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
21:39:03.0796 1356 Sfloppy - ok
21:39:03.0812 1356 Simbad - ok
21:39:03.0828 1356 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
21:39:03.0859 1356 SLIP - ok
21:39:03.0875 1356 Sparrow - ok
21:39:03.0906 1356 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
21:39:03.0921 1356 splitter - ok
21:39:03.0968 1356 sptd (4a28488abc957ccc869b26a814266e92) C:\WINDOWS\system32\Drivers\sptd.sys
21:39:03.0968 1356 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 4a28488abc957ccc869b26a814266e92
21:39:03.0968 1356 sptd ( LockedFile.Multi.Generic ) - warning
21:39:03.0968 1356 sptd - detected LockedFile.Multi.Generic (1)
21:39:04.0015 1356 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
21:39:04.0031 1356 sr - ok
21:39:04.0062 1356 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
21:39:04.0078 1356 Srv - ok
21:39:04.0140 1356 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
21:39:04.0156 1356 streamip - ok
21:39:04.0187 1356 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
21:39:04.0203 1356 swenum - ok
21:39:04.0234 1356 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
21:39:04.0265 1356 swmidi - ok
21:39:04.0296 1356 symc810 - ok
21:39:04.0312 1356 symc8xx - ok
21:39:04.0328 1356 sym_hi - ok
21:39:04.0343 1356 sym_u3 - ok
21:39:04.0359 1356 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
21:39:04.0375 1356 sysaudio - ok
21:39:04.0421 1356 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:39:04.0437 1356 Tcpip - ok
21:39:04.0453 1356 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
21:39:04.0500 1356 TDPIPE - ok
21:39:04.0531 1356 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
21:39:04.0562 1356 TDTCP - ok
21:39:04.0578 1356 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
21:39:04.0625 1356 TermDD - ok
21:39:04.0671 1356 TosIde - ok
21:39:04.0718 1356 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
21:39:04.0734 1356 Udfs - ok
21:39:04.0750 1356 ultra - ok
21:39:04.0796 1356 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
21:39:04.0828 1356 Update - ok
21:39:04.0859 1356 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
21:39:04.0890 1356 usbaudio - ok
21:39:04.0906 1356 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:39:04.0921 1356 usbccgp - ok
21:39:04.0953 1356 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:39:04.0968 1356 usbehci - ok
21:39:05.0015 1356 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:39:05.0031 1356 usbhub - ok
21:39:05.0062 1356 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
21:39:05.0062 1356 usbohci - ok
21:39:05.0109 1356 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:39:05.0125 1356 usbprint - ok
21:39:05.0156 1356 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:39:05.0171 1356 usbscan - ok
21:39:05.0203 1356 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:39:05.0234 1356 USBSTOR - ok
21:39:05.0281 1356 vaxscsi (92cebc2bc7be2c8d49391b365569f306) C:\WINDOWS\System32\Drivers\vaxscsi.sys
21:39:05.0312 1356 vaxscsi - ok
21:39:05.0359 1356 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
21:39:05.0375 1356 VgaSave - ok
21:39:05.0406 1356 ViaIde - ok
21:39:05.0421 1356 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
21:39:05.0453 1356 VolSnap - ok
21:39:05.0500 1356 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:39:05.0515 1356 Wanarp - ok
21:39:05.0531 1356 WDICA - ok
21:39:05.0546 1356 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
21:39:05.0578 1356 wdmaud - ok
21:39:05.0656 1356 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
21:39:05.0687 1356 WSTCODEC - ok
21:39:05.0765 1356 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
21:39:05.0765 1356 \Device\Harddisk0\DR0 - ok
21:39:05.0781 1356 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk1\DR1
21:39:05.0843 1356 \Device\Harddisk1\DR1 - ok
21:39:05.0843 1356 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk2\DR2
21:39:06.0062 1356 \Device\Harddisk2\DR2 - ok
21:39:06.0078 1356 Boot (0x1200) (497e053fd7aef49662c9d4557bfe3255) \Device\Harddisk0\DR0\Partition0
21:39:06.0078 1356 \Device\Harddisk0\DR0\Partition0 - ok
21:39:06.0093 1356 Boot (0x1200) (ecdd0911d5c7678079e354eebd67e919) \Device\Harddisk1\DR1\Partition0
21:39:06.0093 1356 \Device\Harddisk1\DR1\Partition0 - ok
21:39:06.0093 1356 Boot (0x1200) (15f2699b7f1e03fa1a400bbd0bcc5144) \Device\Harddisk2\DR2\Partition0
21:39:06.0093 1356 \Device\Harddisk2\DR2\Partition0 - ok
21:39:06.0093 1356 ============================================================
21:39:06.0093 1356 Scan finished
21:39:06.0093 1356 ============================================================
21:39:06.0109 3236 Detected object count: 2
21:39:06.0109 3236 Actual detected object count: 2
21:40:23.0656 3236 atapi ( LockedFile.Multi.Generic ) - skipped by user
21:40:23.0656 3236 atapi ( LockedFile.Multi.Generic ) - User select action: Skip
21:40:23.0656 3236 sptd ( LockedFile.Multi.Generic ) - skipped by user
21:40:23.0656 3236 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
21:40:32.0500 2568 ============================================================
21:40:32.0500 2568 Scan started
21:40:32.0500 2568 Mode: Manual;
21:40:32.0500 2568 ============================================================
21:40:32.0921 2568 a347bus (1f61cacacb521215f39061789147968c) C:\WINDOWS\system32\DRIVERS\a347bus.sys
21:40:32.0921 2568 a347bus - ok
21:40:32.0937 2568 a347scsi (113e4b318bbaa7483ca4e582a4d63f49) C:\WINDOWS\system32\Drivers\a347scsi.sys
21:40:32.0937 2568 a347scsi - ok
21:40:32.0937 2568 Abiosdsk - ok
21:40:32.0953 2568 abp480n5 - ok
21:40:32.0984 2568 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:40:32.0984 2568 ACPI - ok
21:40:33.0015 2568 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
21:40:33.0015 2568 ACPIEC - ok
21:40:33.0031 2568 adpu160m - ok
21:40:33.0046 2568 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
21:40:33.0046 2568 aec - ok
21:40:33.0093 2568 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
21:40:33.0093 2568 AFD - ok
21:40:33.0109 2568 Aha154x - ok
21:40:33.0125 2568 aic78u2 - ok
21:40:33.0125 2568 aic78xx - ok
21:40:33.0265 2568 ALCXWDM (f3e15607ba53249c765e36388b332c2f) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
21:40:33.0296 2568 ALCXWDM - ok
21:40:33.0359 2568 AliIde - ok
21:40:33.0375 2568 amsint - ok
21:40:33.0406 2568 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
21:40:33.0406 2568 Arp1394 - ok
21:40:33.0421 2568 asc - ok
21:40:33.0437 2568 asc3350p - ok
21:40:33.0453 2568 asc3550 - ok
21:40:33.0484 2568 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:40:33.0484 2568 AsyncMac - ok
21:40:33.0515 2568 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
21:40:33.0515 2568 Suspicious file (NoAccess): C:\WINDOWS\system32\DRIVERS\atapi.sys. md5: 9f3a2f5aa6875c72bf062c712cfa2674
21:40:33.0515 2568 atapi ( LockedFile.Multi.Generic ) - warning
21:40:33.0515 2568 atapi - detected LockedFile.Multi.Generic (1)
21:40:33.0531 2568 Atdisk - ok
21:40:33.0656 2568 ati2mtag (7a95a5f3ed40a3b6f1275821553f3f4f) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
21:40:33.0703 2568 ati2mtag - ok
21:40:33.0781 2568 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:40:33.0781 2568 Atmarpc - ok
21:40:33.0906 2568 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
21:40:33.0906 2568 audstub - ok
21:40:33.0953 2568 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
21:40:33.0953 2568 Beep - ok
21:40:34.0000 2568 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
21:40:34.0000 2568 BthEnum - ok
21:40:34.0015 2568 BTHMODEM (fca6f069597b62d42495191ace3fc6c1) C:\WINDOWS\system32\DRIVERS\bthmodem.sys
21:40:34.0015 2568 BTHMODEM - ok
21:40:34.0015 2568 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
21:40:34.0015 2568 BthPan - ok
21:40:34.0046 2568 BTHPORT (f338662a6c1fc11dd9508f6dff2c06a2) C:\WINDOWS\system32\Drivers\BTHport.sys
21:40:34.0062 2568 BTHPORT - ok
21:40:34.0078 2568 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
21:40:34.0078 2568 BTHUSB - ok
21:40:34.0109 2568 CamDrL (cba8bce5bf67a3c619d5ce540bed9cf7) C:\WINDOWS\system32\DRIVERS\Camdrl.sys
21:40:34.0109 2568 CamDrL - ok
21:40:34.0156 2568 catchme - ok
21:40:34.0187 2568 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
21:40:34.0187 2568 cbidf2k - ok
21:40:34.0218 2568 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
21:40:34.0218 2568 CCDECODE - ok
21:40:34.0218 2568 cd20xrnt - ok
21:40:34.0234 2568 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
21:40:34.0250 2568 Cdaudio - ok
21:40:34.0265 2568 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
21:40:34.0265 2568 Cdfs - ok
21:40:34.0296 2568 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:40:34.0296 2568 Cdrom - ok
21:40:34.0312 2568 Changer - ok
21:40:34.0343 2568 CmdIde - ok
21:40:34.0375 2568 Cpqarray - ok
21:40:34.0390 2568 dac2w2k - ok
21:40:34.0406 2568 dac960nt - ok
21:40:34.0421 2568 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
21:40:34.0437 2568 Disk - ok
21:40:34.0468 2568 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
21:40:34.0484 2568 dmboot - ok
21:40:34.0500 2568 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
21:40:34.0500 2568 dmio - ok
21:40:34.0515 2568 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
21:40:34.0515 2568 dmload - ok
21:40:34.0531 2568 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
21:40:34.0531 2568 DMusic - ok
21:40:34.0562 2568 dpti2o - ok
21:40:34.0593 2568 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
21:40:34.0593 2568 drmkaud - ok
21:40:34.0640 2568 eamon (cb2c172cceac6dfb4576c6fb884d2520) C:\WINDOWS\system32\DRIVERS\eamon.sys
21:40:34.0640 2568 eamon - ok
21:40:34.0687 2568 easdrv (4a9915fbbfe68668f4b6b1630dd90886) C:\WINDOWS\system32\DRIVERS\easdrv.sys
21:40:34.0687 2568 easdrv - ok
21:40:34.0734 2568 EL90XBC (6e883bf518296a40959131c2304af714) C:\WINDOWS\system32\DRIVERS\el90xbc5.sys
21:40:34.0734 2568 EL90XBC - ok
21:40:34.0765 2568 epfw (b767f50ee389c005f0f158dc46e9b1c8) C:\WINDOWS\system32\DRIVERS\epfw.sys
21:40:34.0765 2568 epfw - ok
21:40:34.0781 2568 Epfwndis (b1161889d07b6cbfa8e66e0675f6a10a) C:\WINDOWS\system32\DRIVERS\Epfwndis.sys
21:40:34.0781 2568 Epfwndis - ok
21:40:34.0828 2568 epfwtdi (f94c67f39716ed0aaccb111d10576d5d) C:\WINDOWS\system32\DRIVERS\epfwtdi.sys
21:40:34.0828 2568 epfwtdi - ok
21:40:34.0843 2568 es1371 (a55dd7d8ced5d2624a9ee2dda7be0319) C:\WINDOWS\system32\drivers\es1371mp.sys
21:40:34.0843 2568 es1371 - ok
21:40:34.0890 2568 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
21:40:34.0890 2568 Fastfat - ok
21:40:34.0906 2568 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
21:40:34.0906 2568 Fdc - ok
21:40:34.0937 2568 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
21:40:34.0937 2568 Fips - ok
21:40:34.0968 2568 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
21:40:34.0968 2568 Flpydisk - ok
21:40:34.0984 2568 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
21:40:34.0984 2568 FltMgr - ok
21:40:35.0031 2568 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:40:35.0031 2568 Fs_Rec - ok
21:40:35.0062 2568 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:40:35.0078 2568 Ftdisk - ok
21:40:35.0093 2568 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
21:40:35.0093 2568 gameenum - ok
21:40:35.0109 2568 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:40:35.0109 2568 Gpc - ok
21:40:35.0140 2568 GT680xNT (0827f8a536e7e33393308eae4285e1e3) C:\WINDOWS\system32\drivers\gt680x.sys
21:40:35.0140 2568 GT680xNT - ok
21:40:35.0156 2568 h643331 - ok
21:40:35.0187 2568 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:40:35.0187 2568 HDAudBus - ok
21:40:35.0203 2568 hid3331 (6f21bff46363793c8120f8e7ceb2da40) C:\WINDOWS\system32\drivers\hid3331.sys
21:40:35.0218 2568 hid3331 - ok
21:40:35.0250 2568 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:40:35.0250 2568 hidusb - ok
21:40:35.0265 2568 hpn - ok
21:40:35.0312 2568 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys
21:40:35.0312 2568 HTTP - ok
21:40:35.0343 2568 i2omgmt - ok
21:40:35.0359 2568 i2omp - ok
21:40:35.0390 2568 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:40:35.0390 2568 i8042prt - ok
21:40:35.0406 2568 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
21:40:35.0406 2568 Imapi - ok
21:40:38.0234 2568 sptd (4a28488abc957ccc869b26a814266e92) C:\WINDOWS\system32\Drivers\sptd.sys
21:40:38.0234 2568 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 4a28488abc957ccc869b26a814266e92
21:40:38.0234 2568 sptd ( LockedFile.Multi.Generic ) - warning
21:40:38.0234 2568 sptd - detected LockedFile.Multi.Generic (1)
21:40:39.0968 2568 ============================================================
21:40:39.0968 2568 Scan finished
21:40:39.0968 2568 ============================================================
21:40:39.0984 2628 Detected object count: 2
21:40:39.0984 2628 Actual detected object count: 2
21:41:47.0093 2628 atapi ( LockedFile.Multi.Generic ) - skipped by user
21:41:47.0093 2628 atapi ( LockedFile.Multi.Generic ) - User select action: Skip
21:41:47.0093 2628 sptd ( LockedFile.Multi.Generic ) - skipped by user
21:41:47.0093 2628 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
21:44:05.0937 3784 Deinitialize success

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Slow PC startup - please check my log

#12 Post by motji »

First of all, back up your important data... we are going to replace a system file, and if something goes wrong, the PC will go down... it can be repaired, but better safe than sorry.. :mrgreen:

Then uninstall Daemon or Alcohol, or whatever you use.


:arrow: Download SPTD http://www.duplexsecure.com/en/downloads
- choose the version for your operating system: SPTD for Windows (32 bit) or (64 bit)
- save it to the desktop and run it
- choose the Uninstall option
- restart the PC


:arrow: Download http://www.jpshortstuff.247fixes.com/Defogger.exe
- run it,
- confirm disabled
- paste the log here



:arrow: If it is not there already, move ComboFix to the desktop
- open Notepad
- copy the text from this box into it

Code:

KillAll::

Restore::
C:\WINDOWS\system32\DRIVERS\atapi.sys

Mia::
C:\WINDOWS\system32\DRIVERS\atapi.sys


- save the TXT file you created as CFScript.txt on the desktop
- once it is saved, grab the script you created with the left mouse button and drag it over the ComboFix icon, where you drop it:

Image


- after it has been applied, another log will pop up; paste it here

Warning: after the script is applied and the PC restarts, Windows may fail to boot. In that case restart again while pressing F8, then choose Last Known Good Configuration.
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:

I am mostly reachable at night, between 9 and 11 pm.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

13918
Visitor
Posts: 77
Registered: 06 Jan 2008 22:10

Re: Slow PC startup - please check my log

#13 Post by 13918 »

By mistake I first ran ComboFix with what I was supposed to copy into it, then I ran everything in the order you recommended, with ComboFix last.

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:26 on 15/10/2011 (Ferda Mravenec)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
a347bus -> Disabled (Service running -> reboot required)
a347scsi -> Disabled (Service running -> reboot required)
Unable to read atapi.sys
SPTD -> Already disabled (Service running -> reboot required)


-=E.O.F=-

ComboFix 11-10-15.04 - Ferda Mravenec 15.10.2011 22:32:27.3.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1485 [GMT 2:00]
Spuštěný z: c:\documents and settings\Ferda Mravenec\Plocha\ComboFix.exe
AV: ESET Smart Security 3.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-15 do 2011-10-15 )))))))))))))))))))))))))))))))
.
.
2011-10-15 10:03 . 2011-10-15 10:04 -------- d-----w- C:\rsit
2011-10-15 10:03 . 2011-10-15 10:04 -------- d-----w- c:\program files\trend micro
2011-10-08 12:35 . 2011-10-08 12:35 -------- d-----w- c:\documents and settings\Ferda Mravenec\Data aplikací\TVU Networks
2011-10-08 12:35 . 2011-10-08 12:35 -------- d-----w- c:\documents and settings\Ferda Mravenec\Local Settings\Data aplikací\TVU Networks
2011-10-08 12:35 . 2011-10-08 12:35 -------- d-----w- c:\documents and settings\All Users\Data aplikací\TVU Networks
2011-10-08 12:35 . 2011-10-08 12:35 -------- d-----w- c:\documents and settings\Ferda Mravenec\LocalLow
2011-10-08 08:23 . 2011-10-08 08:25 -------- d-----w- c:\program files\WinXMedia
2011-10-01 09:54 . 2011-10-01 09:54 -------- d-----w- c:\documents and settings\Ferda Mravenec\Local Settings\Data aplikací\Babylon
2011-10-01 09:54 . 2011-10-01 09:54 -------- d-----w- c:\documents and settings\Ferda Mravenec\Data aplikací\Babylon
2011-10-01 09:54 . 2011-10-01 09:54 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Babylon
2011-09-17 16:35 . 2008-04-14 06:51 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2011-09-17 16:35 . 2008-04-14 06:51 21504 ----a-w- c:\windows\system32\hidserv.dll
2011-09-17 16:29 . 2011-09-17 16:29 -------- d-----w- c:\program files\Microsoft IntelliType Pro
2011-09-17 15:05 . 2011-09-17 15:05 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Easy Driver Pro
2011-09-17 13:52 . 2011-09-17 13:52 -------- d-----w- C:\Temp
2011-09-16 20:43 . 2008-12-04 19:46 180224 ----a-w- c:\windows\system32\xvidvfw.dll
2011-09-16 20:17 . 2011-09-16 20:17 -------- d-----w- c:\documents and settings\Ferda Mravenec\Local Settings\Data aplikací\Xilisoft
2011-09-16 20:17 . 2011-09-16 20:17 -------- d-----w- c:\documents and settings\Ferda Mravenec\Data aplikací\Xilisoft
2011-09-16 20:17 . 2011-09-17 13:56 -------- d-----w- c:\documents and settings\Ferda Mravenec\Data aplikací\Toolbar4
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-01 06:54 . 2011-05-14 08:54 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 09:41 . 2010-03-18 09:09 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2001-10-25 15:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2001-10-25 15:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-09 09:12 . 2004-08-17 15:49 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 14:10 . 2004-08-17 15:44 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-22 23:41 . 2004-08-17 15:49 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:41 . 2004-08-17 15:49 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-08-22 23:41 . 2004-08-17 15:49 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-22 11:56 . 2004-08-17 15:44 385024 ----a-w- c:\windows\system32\html.iec
2011-08-17 13:49 . 2004-08-03 23:14 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-07-23 13:46 . 2011-07-23 13:46 4608 ----a-w- c:\windows\system32\w95inf32.dll
2011-07-23 13:46 . 2011-07-23 13:46 2272 ----a-w- c:\windows\system32\w95inf16.dll
2011-04-18 14:01 . 2011-04-18 13:30 1308851200 ----a-w- c:\program files\4Story_CZ_3.5.55.exe
2011-04-18 13:29 . 2011-04-18 13:29 344848 ----a-w- c:\program files\Downloader_4Story_CZ_3.5.55.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-15_18.19.11 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-10-15 20:30 . 2011-10-15 20:30 16384 c:\windows\temp\Perflib_Perfdata_244.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2004-10-08 196608]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-03-01 1443072]
"SoundMan"="SOUNDMAN.EXE" [2006-11-17 577536]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-25 98304]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 241664]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2005-07-23 172032]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2004-10-08 221184]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2004-10-08 458752]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2004-10-08 217088]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2005-09-25 155648]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"Family Tree Builder Update"="g:\program files\MyHeritage\Bin\FTBCheckUpdates.exe" [2011-06-21 225280]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1313640]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
.
R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [21.12.2007 9:21 468224]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 14:16 130384]
S3 GT680xNT;ColorPage-Vivid 1200X;c:\windows\system32\drivers\Gt680x.sys [2.8.2011 17:49 17376]
S3 h643331;h643331;c:\windows\system32\drivers\h643331.sys --> c:\windows\system32\drivers\h643331.sys [?]
S3 hid3331;hid3331;c:\windows\system32\drivers\Hid3331.sys [16.4.2011 9:33 41024]
S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys [17.4.2011 15:01 223128]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 14:16 753504]
S4 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [23.4.2011 21:37 160640]
S4 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [23.4.2011 21:37 5248]
S4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-14 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe [2006-12-19 13:13]
.
2011-09-17 c:\windows\Tasks\Microsoft_Hardware_Launch_IType_exe.job
- c:\program files\Microsoft IntelliType Pro\itype.exe [2011-08-10 14:39]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-15 22:36
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(792)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(1168)
c:\windows\system32\webcheck.dll
.
Celkový čas: 2011-10-15 22:38:05
ComboFix-quarantined-files.txt 2011-10-15 20:38
ComboFix2.txt 2011-10-15 18:20
.
Před spuštěním: Volných bajtů: 218 655 772 672
Po spuštění: Volných bajtů: 218 632 921 088
.
- - End Of File - - D9305491DDA15FABD7D959485320E704

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Slow PC startup - please check my log

#14 Post by motji »

It looks promising.. run TDSSKiller again and paste the log here.
And also test this file on www.virustotal.com:
C:\WINDOWS\system32\DRIVERS\atapi.sys
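One way to compare two TDSSKiller runs like those posted in this thread, as an added Python example that is not part of the original posts or of any tool mentioned here: it folds the log lines into per-driver verdicts and lists what changed between scans. The sample lines are constructed in the format of the thread's logs (the sptd and second-scan atapi values are copied from it; other timestamps and the first-scan atapi hash are placeholders), and all function names are hypothetical.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Every TDSSKiller line starts with "HH:MM:SS.mmmm <thread id> ".
PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
RE_FILE = re.compile(PREFIX + r"(?P<name>\S+) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")
RE_NOACCESS = re.compile(PREFIX + r"Suspicious file \(NoAccess\): (?P<path>.+)\. md5: [0-9a-f]{32}$")
RE_WARN = re.compile(PREFIX + r"(?P<name>\S+) \( (?P<verdict>\S+) \) - warning$")
RE_ACTION = re.compile(PREFIX + r"(?P<name>\S+) \( \S+ \) - User select action: (?P<action>\w+)$")
RE_OK = re.compile(PREFIX + r"(?P<name>\S+) - ok$")


@dataclass
class Entry:
    name: str
    md5: Optional[str] = None
    path: Optional[str] = None
    verdict: str = "unknown"      # "ok" or the detection name from the log
    unreadable: bool = False      # scanner reported NoAccess for the file
    action: Optional[str] = None  # what the user chose, e.g. "Skip"


def parse_log(text: str) -> Dict[str, Entry]:
    """Fold a TDSSKiller log into one Entry per scanned object name."""
    entries: Dict[str, Entry] = {}
    by_path: Dict[str, str] = {}

    def entry(name: str) -> Entry:
        return entries.setdefault(name, Entry(name))

    for raw in text.splitlines():
        line = raw.strip()
        m = RE_FILE.match(line)
        if m:
            e = entry(m["name"])
            e.md5, e.path = m["md5"], m["path"]
            by_path[m["path"].lower()] = e.name
            continue
        m = RE_NOACCESS.match(line)
        if m:
            owner = by_path.get(m["path"].lower())
            if owner:
                entries[owner].unreadable = True
            continue
        m = RE_ACTION.match(line)
        if m:
            entry(m["name"]).action = m["action"]
            continue
        m = RE_WARN.match(line)
        if m:
            entry(m["name"]).verdict = m["verdict"]
            continue
        m = RE_OK.match(line)
        if m:
            entry(m["name"]).verdict = "ok"
        # Anything else (banners, counters, "skipped by user") is ignored.
    return entries


def detections(entries: Dict[str, Entry]) -> List[str]:
    """Names of objects whose verdict is a detection rather than ok."""
    return sorted(n for n, e in entries.items() if e.verdict not in ("ok", "unknown"))


def changed_between(before: Dict[str, Entry], after: Dict[str, Entry]) -> List[Tuple[str, str, str, bool]]:
    """(name, old verdict, new verdict, hash changed) for objects that differ."""
    report = []
    for name in sorted(before.keys() & after.keys()):
        b, a = before[name], after[name]
        if b.verdict != a.verdict or b.md5 != a.md5:
            report.append((name, b.verdict, a.verdict, b.md5 != a.md5))
    return report


# Constructed sample: first scan (atapi hash is a placeholder, not from the thread).
FIRST_SCAN = r"""
21:40:33.0000 2568 atapi (00000000000000000000000000000000) C:\WINDOWS\system32\DRIVERS\atapi.sys
21:40:33.0000 2568 Suspicious file (NoAccess): C:\WINDOWS\system32\DRIVERS\atapi.sys. md5: 00000000000000000000000000000000
21:40:33.0000 2568 atapi ( LockedFile.Multi.Generic ) - warning
21:40:38.0234 2568 sptd (4a28488abc957ccc869b26a814266e92) C:\WINDOWS\system32\Drivers\sptd.sys
21:40:38.0234 2568 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 4a28488abc957ccc869b26a814266e92
21:40:38.0234 2568 sptd ( LockedFile.Multi.Generic ) - warning
21:40:38.0281 2568 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
21:40:38.0281 2568 sr - ok
21:41:47.0093 2628 atapi ( LockedFile.Multi.Generic ) - User select action: Skip
21:41:47.0093 2628 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
"""

# Constructed sample: second scan, after the repair steps.
SECOND_SCAN = r"""
22:54:43.0281 0396 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
22:54:43.0281 0396 atapi - ok
22:54:50.0000 0396 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
22:54:50.0000 0396 sr - ok
"""

if __name__ == "__main__":
    before, after = parse_log(FIRST_SCAN), parse_log(SECOND_SCAN)
    print("flagged in first scan:", detections(before))
    for row in changed_between(before, after):
        print("changed:", row)
```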

13918
Visitor
Posts: 77
Registered: 06 Jan 2008 22:10

Re: Slow PC startup - please check my log

#15 Post by 13918 »

Without knowing how this will turn out, I have not yet managed to thank you for your help, so I am doing so now. THANK YOU



22:54:37.0875 0344 TDSS rootkit removing tool 2.6.9.0 Oct 14 2011 11:33:24
22:54:38.0328 0344 ============================================================
22:54:38.0328 0344 Current date / time: 2011/10/15 22:54:38.0328
22:54:38.0328 0344 SystemInfo:
22:54:38.0328 0344
22:54:38.0328 0344 OS Version: 5.1.2600 ServicePack: 3.0
22:54:38.0328 0344 Product type: Workstation
22:54:38.0328 0344 ComputerName: FERDA-B66A118AD
22:54:38.0328 0344 UserName: Ferda Mravenec
22:54:38.0328 0344 Windows directory: C:\WINDOWS
22:54:38.0328 0344 System windows directory: C:\WINDOWS
22:54:38.0328 0344 Processor architecture: Intel x86
22:54:38.0328 0344 Number of processors: 1
22:54:38.0328 0344 Page size: 0x1000
22:54:38.0328 0344 Boot type: Normal boot
22:54:38.0328 0344 ============================================================
22:54:39.0281 0344 Initialize success
22:54:41.0781 0396 ============================================================
22:54:41.0781 0396 Scan started
22:54:41.0781 0396 Mode: Manual;
22:54:41.0781 0396 ============================================================
22:54:43.0281 0396 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
22:54:43.0281 0396 atapi - ok
22:54:44.0906 0396 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
22:54:44.0906 0396 gameenum - ok
22:54:44.0921 0396 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:54:44.0921 0396 Gpc - ok
22:54:44.0953 0396 GT680xNT (0827f8a536e7e33393308eae4285e1e3) C:\WINDOWS\system32\drivers\gt680x.sys
22:54:44.0953 0396 GT680xNT - ok
22:54:44.0968 0396 h643331 - ok
22:54:45.0000 0396 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:54:45.0000 0396 HDAudBus - ok
22:54:45.0031 0396 hid3331 (6f21bff46363793c8120f8e7ceb2da40) C:\WINDOWS\system32\drivers\hid3331.sys
22:54:45.0031 0396 hid3331 - ok
22:54:45.0062 0396 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:54:45.0062 0396 hidusb - ok
22:54:45.0093 0396 hpn - ok
22:54:45.0140 0396 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys
22:54:45.0140 0396 HTTP - ok
22:54:45.0171 0396 i2omgmt - ok
22:54:45.0187 0396 i2omp - ok
22:54:45.0218 0396 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:54:45.0218 0396 i8042prt - ok
22:54:45.0250 0396 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:54:45.0250 0396 Imapi - ok
22:54:45.0265 0396 InCDFs - ok
22:54:45.0281 0396 InCDPass - ok
22:54:45.0296 0396 InCDRm - ok
22:54:45.0312 0396 ini910u - ok
22:54:45.0343 0396 IntelIde - ok
22:54:45.0359 0396 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
22:54:45.0359 0396 Ip6Fw - ok
22:54:45.0375 0396 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:54:45.0375 0396 IpFilterDriver - ok
22:54:45.0390 0396 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:54:45.0390 0396 IpInIp - ok
22:54:45.0406 0396 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:54:45.0406 0396 IpNat - ok
22:54:45.0421 0396 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:54:45.0421 0396 IPSec - ok
22:54:45.0437 0396 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:54:45.0437 0396 IRENUM - ok
22:54:45.0468 0396 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:54:45.0468 0396 isapnp - ok
22:54:45.0500 0396 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:54:45.0500 0396 Kbdclass - ok
22:54:45.0515 0396 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:54:45.0515 0396 kbdhid - ok
22:54:45.0531 0396 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:54:45.0531 0396 kmixer - ok
22:54:45.0578 0396 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
22:54:45.0578 0396 KSecDD - ok
22:54:45.0593 0396 lbrtfdc - ok
22:54:45.0640 0396 LVUSBSta (90259f3a20fbaec1a08d74ef5415b9d8) C:\WINDOWS\system32\drivers\lvusbsta.sys
22:54:45.0640 0396 LVUSBSta - ok
22:54:45.0687 0396 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:54:45.0687 0396 mnmdd - ok
22:54:45.0734 0396 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
22:54:45.0734 0396 Modem - ok
22:54:45.0750 0396 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:54:45.0750 0396 Mouclass - ok
22:54:45.0765 0396 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:54:45.0765 0396 mouhid - ok
22:54:45.0796 0396 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:54:45.0796 0396 MountMgr - ok
22:54:45.0828 0396 mraid35x - ok
22:54:45.0843 0396 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:54:45.0843 0396 MRxDAV - ok
22:54:45.0906 0396 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:54:45.0906 0396 MRxSmb - ok
22:54:45.0968 0396 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:54:45.0968 0396 Msfs - ok
22:54:46.0000 0396 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:54:46.0000 0396 MSKSSRV - ok
22:54:46.0015 0396 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:54:46.0015 0396 MSPCLOCK - ok
22:54:46.0031 0396 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:54:46.0031 0396 MSPQM - ok
22:54:46.0062 0396 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:54:46.0062 0396 mssmbios - ok
22:54:46.0109 0396 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
22:54:46.0109 0396 MSTEE - ok
22:54:46.0156 0396 ms_mpu401 (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys
22:54:46.0156 0396 ms_mpu401 - ok
22:54:46.0203 0396 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:54:46.0203 0396 Mup - ok
22:54:46.0218 0396 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
22:54:46.0218 0396 NABTSFEC - ok
22:54:46.0265 0396 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:54:46.0265 0396 NDIS - ok
22:54:46.0296 0396 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
22:54:46.0296 0396 NdisIP - ok
22:54:46.0343 0396 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:54:46.0359 0396 NdisTapi - ok
22:54:46.0375 0396 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:54:46.0375 0396 Ndisuio - ok
22:54:46.0406 0396 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:54:46.0406 0396 NdisWan - ok
22:54:46.0437 0396 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:54:46.0437 0396 NDProxy - ok
22:54:46.0468 0396 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:54:46.0468 0396 NetBIOS - ok
22:54:46.0484 0396 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:54:46.0484 0396 NetBT - ok
22:54:46.0531 0396 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
22:54:46.0531 0396 NIC1394 - ok
22:54:46.0546 0396 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:54:46.0562 0396 Npfs - ok
22:54:46.0593 0396 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:54:46.0593 0396 Ntfs - ok
22:54:46.0640 0396 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:54:46.0640 0396 Null - ok
22:54:46.0671 0396 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:54:46.0671 0396 NwlnkFlt - ok
22:54:46.0687 0396 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:54:46.0687 0396 NwlnkFwd - ok
22:54:46.0718 0396 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
22:54:46.0718 0396 ohci1394 - ok
22:54:46.0750 0396 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
22:54:46.0750 0396 Parport - ok
22:54:46.0765 0396 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:54:46.0765 0396 PartMgr - ok
22:54:46.0796 0396 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
22:54:46.0796 0396 ParVdm - ok
22:54:46.0828 0396 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
22:54:46.0828 0396 PCI - ok
22:54:46.0828 0396 PCIDump - ok
22:54:46.0859 0396 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:54:46.0859 0396 PCIIde - ok
22:54:46.0890 0396 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:54:46.0890 0396 Pcmcia - ok
22:54:46.0921 0396 PDCOMP - ok
22:54:46.0937 0396 PDFRAME - ok
22:54:46.0953 0396 PDRELI - ok
22:54:46.0968 0396 PDRFRAME - ok
22:54:46.0968 0396 perc2 - ok
22:54:46.0984 0396 perc2hib - ok
22:54:47.0046 0396 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:54:47.0062 0396 PptpMiniport - ok
22:54:47.0078 0396 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
22:54:47.0093 0396 Processor - ok
22:54:47.0125 0396 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:54:47.0125 0396 PSched - ok
22:54:47.0171 0396 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:54:47.0171 0396 Ptilink - ok
22:54:47.0218 0396 ql1080 - ok
22:54:47.0234 0396 Ql10wnt - ok
22:54:47.0250 0396 ql12160 - ok
22:54:47.0265 0396 ql1240 - ok
22:54:47.0265 0396 ql1280 - ok
22:54:47.0296 0396 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:54:47.0296 0396 RasAcd - ok
22:54:47.0328 0396 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:54:47.0328 0396 Rasl2tp - ok
22:54:47.0343 0396 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:54:47.0343 0396 RasPppoe - ok
22:54:47.0375 0396 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:54:47.0375 0396 Raspti - ok
22:54:47.0406 0396 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:54:47.0421 0396 Rdbss - ok
22:54:47.0437 0396 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:54:47.0437 0396 RDPCDD - ok
22:54:47.0468 0396 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:54:47.0484 0396 rdpdr - ok
22:54:47.0531 0396 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
22:54:47.0531 0396 RDPWD - ok
22:54:47.0593 0396 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:54:47.0593 0396 redbook - ok
22:54:47.0640 0396 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
22:54:47.0640 0396 RFCOMM - ok
22:54:47.0703 0396 Secdrv (ba0d892d2f786bcebdf03b0a252b47f3) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:54:47.0703 0396 Secdrv - ok
22:54:47.0734 0396 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
22:54:47.0734 0396 serenum - ok
22:54:47.0781 0396 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
22:54:47.0781 0396 Serial - ok
22:54:47.0828 0396 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:54:47.0828 0396 Sfloppy - ok
22:54:47.0875 0396 Simbad - ok
22:54:47.0921 0396 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
22:54:47.0921 0396 SLIP - ok
22:54:47.0937 0396 Sparrow - ok
22:54:47.0968 0396 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:54:47.0968 0396 splitter - ok
22:54:47.0984 0396 sptd - ok
22:54:48.0015 0396 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
22:54:48.0015 0396 sr - ok
22:54:48.0062 0396 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:54:48.0062 0396 Srv - ok
22:54:48.0109 0396 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
22:54:48.0109 0396 streamip - ok
22:54:48.0140 0396 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:54:48.0140 0396 swenum - ok
22:54:48.0187 0396 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:54:48.0187 0396 swmidi - ok
22:54:48.0234 0396 symc810 - ok
22:54:48.0250 0396 symc8xx - ok
22:54:48.0265 0396 sym_hi - ok
22:54:48.0281 0396 sym_u3 - ok
22:54:48.0296 0396 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:54:48.0296 0396 sysaudio - ok
22:54:48.0359 0396 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:54:48.0359 0396 Tcpip - ok
22:54:48.0390 0396 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:54:48.0390 0396 TDPIPE - ok
22:54:48.0421 0396 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:54:48.0421 0396 TDTCP - ok
22:54:48.0437 0396 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:54:48.0437 0396 TermDD - ok
22:54:48.0468 0396 TosIde - ok
22:54:48.0515 0396 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:54:48.0515 0396 Udfs - ok
22:54:48.0546 0396 ultra - ok
22:54:48.0578 0396 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:54:48.0593 0396 Update - ok
22:54:48.0640 0396 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
22:54:48.0640 0396 usbaudio - ok
22:54:48.0656 0396 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:54:48.0671 0396 usbccgp - ok
22:54:48.0687 0396 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:54:48.0687 0396 usbehci - ok
22:54:48.0718 0396 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:54:48.0718 0396 usbhub - ok
22:54:48.0750 0396 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
22:54:48.0750 0396 usbohci - ok
22:54:48.0781 0396 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:54:48.0781 0396 usbprint - ok
22:54:48.0812 0396 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:54:48.0812 0396 usbscan - ok
22:54:48.0859 0396 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:54:48.0859 0396 USBSTOR - ok
22:54:48.0937 0396 vaxscsi (92cebc2bc7be2c8d49391b365569f306) C:\WINDOWS\System32\Drivers\vaxscsi.sys
22:54:48.0953 0396 vaxscsi - ok
22:54:48.0984 0396 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:54:48.0984 0396 VgaSave - ok
22:54:49.0000 0396 ViaIde - ok
22:54:49.0015 0396 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
22:54:49.0015 0396 VolSnap - ok
22:54:49.0062 0396 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:54:49.0062 0396 Wanarp - ok
22:54:49.0078 0396 WDICA - ok
22:54:49.0093 0396 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:54:49.0093 0396 wdmaud - ok
22:54:49.0187 0396 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
22:54:49.0187 0396 WSTCODEC - ok
22:54:49.0234 0396 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:54:49.0250 0396 \Device\Harddisk0\DR0 - ok
22:54:49.0265 0396 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk1\DR1
22:54:49.0328 0396 \Device\Harddisk1\DR1 - ok
22:54:49.0343 0396 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk2\DR2
22:54:49.0546 0396 \Device\Harddisk2\DR2 - ok
22:54:49.0546 0396 Boot (0x1200) (497e053fd7aef49662c9d4557bfe3255) \Device\Harddisk0\DR0\Partition0
22:54:49.0546 0396 \Device\Harddisk0\DR0\Partition0 - ok
22:54:49.0562 0396 Boot (0x1200) (ecdd0911d5c7678079e354eebd67e919) \Device\Harddisk1\DR1\Partition0
22:54:49.0562 0396 \Device\Harddisk1\DR1\Partition0 - ok
22:54:49.0562 0396 Boot (0x1200) (15f2699b7f1e03fa1a400bbd0bcc5144) \Device\Harddisk2\DR2\Partition0
22:54:49.0578 0396 \Device\Harddisk2\DR2\Partition0 - ok
22:54:49.0578 0396 ============================================================
22:54:49.0578 0396 Scan finished
22:54:49.0578 0396 ============================================================
22:54:49.0593 3788 Detected object count: 0
22:54:49.0593 3788 Actual detected object count: 0
22:55:06.0859 3304 Deinitialize success
