
Please check my log, drive C is filling up uncontrollably

Posted: 13 Nov 2011 20:33
by Evergreen5
info.txt logfile of random's system information tool 1.09 2011-11-13 20:27:27

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat 4.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.dll"
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A81200000003}
Aktualizace systému Windows XP (KB2641690)-->"C:\WINDOWS\$NtUninstallKB2641690$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2544893-v2)-->"C:\WINDOWS\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe"
Asistent pro přihlášení ke službě Windows Live-->MsiExec.exe /I{BD86C297-41C7-4DB5-82C4-98DE3399A2EF}
Asterisk Key 10.0-->C:\Program Files\Passware\un-ariskkey.exe
Asus ACPI Driver-->MsiExec.exe /X{19F5658D-92E8-4A08-8657-D38ABB1574B2}
Asus OS Cleaner-->C:\Program Files\InstallShield Installation Information\{84E2AA5A-8BA3-4F08-9F6F-C14E4C679FF0}\setup.exe -runfromtemp -l0x0009 -removeonly
ASUSUpdate for Eee PC-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\setup.exe" -l0x9
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver-->"C:\Program Files\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x0009 -removeonly
avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Azurewave Wireless LAN-->C:\Program Files\InstallShield Installation Information\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}\setup.exe -runfromtemp -l0x0009 -removeonly
BS.Player ControlBar-->C:\Program Files\BS.Player ControlBar\uninst.exe
BS.Player FREE-->"C:\Program Files\Webteh\BSplayer\uninstall.exe"
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
ECAP-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85E3CFBC-9B1B-470C-AF72-54EACA0F1322}\setup.exe" -l0x5 -removeonly
Eee Instant Key-->C:\Program Files\InstallShield Installation Information\{6E4DAE31-7CF3-441A-B6E5-B014D63C80CD}\setup.exe -runfromtemp -l0x0009 -removeonly
Eee Storage-->MsiExec.exe /I{DEB6ACEB-C418-4880-9133-1C5EB9AFBC79}
GrabWinText 2.00-->"C:\Program Files\PCNetSoftware\GrabWinText\unins000.exe"
HDGraph-->MsiExec.exe /I{8B583E95-EF9E-48D8-AF3B-15FD4F28B682}
Hodiny a budík PSS (5.3.2002) 1.1-->"C:\Program Files\PSS\Hodiny\unins000.exe"
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
Java(TM) 6 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216021FF}
Malwarebytes' Anti-Malware verze 1.51.2.1300-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - CSY-->MsiExec.exe /I{6FE8B722-4D7E-3CD7-BB3A-3AD1684B1295}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack - CSY-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\setup.exe
Microsoft .NET Framework 3.5 Language Pack - csy-->MsiExec.exe /I{74DCC43B-33C9-3389-BD0D-33EB37973657}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Works-->MsiExec.exe /I{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}
NinjaTrader 7-->MsiExec.exe /I{F32F7FC8-02AD-4E72-BD40-2B045CA191FE}
QuickStores-Toolbar 1.1.0-->"C:\Documents and Settings\Pepa\Data aplikací\QuickStoresToolbar\unins000.exe"
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x5 -removeonly
RealUpgrade 1.1-->MsiExec.exe /I{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype™ 5.3-->MsiExec.exe /X{5335DADB-34BA-4AE8-A519-648D78498846}
Super Hybrid Engine-->C:\Program Files\InstallShield Installation Information\{0990B5DF-92C3-4AD6-A18D-BF3ADF311240}\setup.exe -runfromtemp -l0x0009 -removeonly
Unlocker 1.9.1-->C:\Program Files\Unlocker\uninst.exe
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
WIDCOMM Bluetooth Software-->MsiExec.exe /X{84814E6B-2581-46EC-926A-823BD1C670F6}
WinRAR-->C:\Program Files\WinRAR\uninstall.exe

======Security center information======

AV: avast! Antivirus

======System event log======

Computer Name: YOUR-YIOCD0LLFE
Event Code: 1009
Message: Při pokusu o odeslání zprávy došlo k chybě. Kód chyby: Blokovací operace byla přerušena voláním WSACancelBlockingCall.
.

Record Number: 3439
Source Name: Dhcp
Time Written: 20111102134251.000000+060
Event Type: Upozornění
User:

Computer Name: YOUR-YIOCD0LLFE
Event Code: 4201
Message: Sytém zjistil, že síťový adaptér 802.11n Wireless LAN Card - Packet Scheduler Miniport byl připojen k síti
a inicializoval normální činnost přes síťový adaptér.

Record Number: 3438
Source Name: Tcpip
Time Written: 20111102134248.000000+060
Event Type: Informace
User:

Computer Name: YOUR-YIOCD0LLFE
Event Code: 4201
Message: Sytém zjistil, že síťový adaptér 802.11n Wireless LAN Card - Packet Scheduler Miniport byl připojen k síti
a inicializoval normální činnost přes síťový adaptér.

Record Number: 3437
Source Name: Tcpip
Time Written: 20111102134243.000000+060
Event Type: Informace
User:

Computer Name: YOUR-YIOCD0LLFE
Event Code: 4201
Message: Sytém zjistil, že síťový adaptér 802.11n Wireless LAN Card - Packet Scheduler Miniport byl připojen k síti
a inicializoval normální činnost přes síťový adaptér.

Record Number: 3436
Source Name: Tcpip
Time Written: 20111102134238.000000+060
Event Type: Informace
User:

Computer Name: YOUR-YIOCD0LLFE
Event Code: 4201
Message: Sytém zjistil, že síťový adaptér 802.11n Wireless LAN Card - Packet Scheduler Miniport byl připojen k síti
a inicializoval normální činnost přes síťový adaptér.

Record Number: 3435
Source Name: Tcpip
Time Written: 20111102134233.000000+060
Event Type: Informace
User:

=====Application event log=====

Computer Name: YOUR-YIOCD0LLFE
Event Code: 11711
Message: Produkt: Microsoft .NET Framework 2.0 Service Pack 2 - Error 1711.Při zapisování instalačních informací na disk došlo k chybě. Přesvědčte se, zda je na disku dostatek místa, a klepněte na tlačítko Opakovat. Chcete-li instalaci ukončit, klepněte na tlačítko Storno.

Record Number: 117084
Source Name: MsiInstaller
Time Written: 20111111062540.000000+060
Event Type: Chyba
User: NT AUTHORITY\SYSTEM

Computer Name: YOUR-YIOCD0LLFE
Event Code: 11711
Message: Produkt: Microsoft .NET Framework 2.0 Service Pack 2 - Error 1711.Při zapisování instalačních informací na disk došlo k chybě. Přesvědčte se, zda je na disku dostatek místa, a klepněte na tlačítko Opakovat. Chcete-li instalaci ukončit, klepněte na tlačítko Storno.

Record Number: 117083
Source Name: MsiInstaller
Time Written: 20111111062533.000000+060
Event Type: Chyba
User: NT AUTHORITY\SYSTEM

Computer Name: YOUR-YIOCD0LLFE
Event Code: 11711
Message: Produkt: Microsoft .NET Framework 2.0 Service Pack 2 - Error 1711.Při zapisování instalačních informací na disk došlo k chybě. Přesvědčte se, zda je na disku dostatek místa, a klepněte na tlačítko Opakovat. Chcete-li instalaci ukončit, klepněte na tlačítko Storno.

Record Number: 117082
Source Name: MsiInstaller
Time Written: 20111111062527.000000+060
Event Type: Chyba
User: NT AUTHORITY\SYSTEM

Computer Name: YOUR-YIOCD0LLFE
Event Code: 11711
Message: Produkt: Microsoft .NET Framework 2.0 Service Pack 2 - Error 1711.Při zapisování instalačních informací na disk došlo k chybě. Přesvědčte se, zda je na disku dostatek místa, a klepněte na tlačítko Opakovat. Chcete-li instalaci ukončit, klepněte na tlačítko Storno.

Record Number: 117081
Source Name: MsiInstaller
Time Written: 20111111062520.000000+060
Event Type: Chyba
User: NT AUTHORITY\SYSTEM

Computer Name: YOUR-YIOCD0LLFE
Event Code: 11711
Message: Produkt: Microsoft .NET Framework 2.0 Service Pack 2 - Error 1711.Při zapisování instalačních informací na disk došlo k chybě. Přesvědčte se, zda je na disku dostatek místa, a klepněte na tlačítko Opakovat. Chcete-li instalaci ukončit, klepněte na tlačítko Storno.

Record Number: 117080
Source Name: MsiInstaller
Time Written: 20111111062514.000000+060
Event Type: Chyba
User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 28 Stepping 2, GenuineIntel
"PROCESSOR_REVISION"=1c02
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

Logfile of random's system information tool 1.09 (written by random/random)
Run by Pepa at 2011-11-13 20:26:49
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 8 MB (0%) free of 4 GB
Total RAM: 1015 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:27, on 2011-11-13
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Documents and Settings\Pepa\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Pepa\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Pepa\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Dokumenty\Downloads\RSIT.exe
C:\Documents and Settings\Pepa\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Pepa.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
F1 - win.ini: run= C:\WESTWOOD\REDALERT\INSTICON.EXE
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AutoRun OSCleaner.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: SuperHybridEngine.lnk = ?
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 6366 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2674653762-1354303810-694300319-1006.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2674653762-1354303810-694300319-1006.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-07 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-09-07 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2C688203-7EB3-4327-9995-1CB417BA23F9} - BS.Player ControlBar - C:\Program Files\BS.Player ControlBar\BSToolbar.dll [2008-08-13 757192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-12-19 135168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-12-19 159744]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-12-19 131072]
"Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"AsusTray"=C:\Program Files\EeePC\ACPI\AsTray.exe [2008-06-03 98304]
"AsusACPIServer"=C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [2008-06-03 479232]
"AsusEPCMonitor"=C:\Program Files\EeePC\ACPI\AsEPCMon.exe [2008-05-21 94208]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-16 16806400]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-04-17 196608]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-04-13 69632]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
AutoRun OSCleaner.lnk - C:\Program Files\ASUS\Asus OS Cleaner\AsOSCleaner.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
SuperHybridEngine.lnk - C:\Program Files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-12-19 208896]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDrives"=0
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\dxdiag.exe"="C:\WINDOWS\system32\dxdiag.exe:*:Enabled:Microsoft DirectX Diagnostic Tool"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"D:\Program Files\NinjaTrader 7\bin\NinjaTrader.exe"="D:\Program Files\NinjaTrader 7\bin\NinjaTrader.exe:*:Enabled:NinjaTrader application"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Elcomsoft Password Recovery\Distributed Password Recovery\edpr_server.exe"="C:\Program Files\Elcomsoft Password Recovery\Distributed Password Recovery\edpr_server.exe:*:Enabled:Distributed Password Recovery Server"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-11-13 20:26:49 ----D---- C:\rsit
2011-11-12 23:50:10 ----SHD---- C:\RECYCLER
2011-11-12 23:48:03 ----A---- C:\ComboFix.txt
2011-11-12 13:34:12 ----D---- C:\Qoobox
2011-11-11 22:21:43 ----D---- C:\WINDOWS\temp
2011-11-11 21:29:50 ----A---- C:\WINDOWS\MBR.exe
2011-11-11 21:29:48 ----A---- C:\WINDOWS\PEV.exe
2011-11-11 21:20:28 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-11-11 19:27:35 ----A---- C:\WINDOWS\system32\CF7779.exe
2011-11-11 13:18:14 ----A---- C:\WINDOWS\system32\CF999.exe
2011-11-10 23:21:54 ----D---- C:\Program Files\trend micro
2011-11-10 23:18:28 ----RASHD---- C:\cmdcons
2011-11-10 22:38:59 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-11-10 22:38:58 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-11-10 22:38:55 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-11-10 22:38:54 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-11-10 22:38:53 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-11-10 22:38:51 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-11-10 22:38:51 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-11-10 22:38:50 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-11-10 22:32:34 ----A---- C:\WINDOWS\avastSS.scr
2011-11-10 22:32:05 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-11-10 21:53:59 ----A---- C:\WINDOWS\SWREG.exe
2011-11-10 21:36:26 ----A---- C:\WINDOWS\zip.exe
2011-11-10 21:36:26 ----A---- C:\WINDOWS\NIRCMD.exe
2011-11-10 21:36:23 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-11-10 21:36:23 ----A---- C:\WINDOWS\SWSC.exe
2011-11-10 21:36:23 ----A---- C:\WINDOWS\sed.exe
2011-11-10 21:36:23 ----A---- C:\WINDOWS\grep.exe
2011-11-10 21:34:35 ----D---- C:\WINDOWS\ERDNT
2011-11-09 19:11:29 ----HD---- C:\WINDOWS\$hf_mig$
2011-11-09 13:32:55 ----D---- C:\Documents and Settings\Pepa\Data aplikací\Malwarebytes
2011-11-09 13:32:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-11-09 13:32:27 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-11-09 13:32:26 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-11-08 20:06:25 ----D---- C:\Program Files\AVAST Software
2011-11-08 20:06:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-11-02 13:25:22 ----D---- C:\Program Files\msn gaming zone
2011-11-02 13:25:22 ----D---- C:\Program Files\movie maker
2011-11-02 12:53:15 ----D---- C:\Program Files\PCNetSoftware
2011-11-02 11:43:35 ----D---- C:\Program Files\Passware

======List of files/folders modified in the last 1 month======

2011-11-13 20:27:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype Extras
2011-11-13 20:26:57 ----D---- C:\WINDOWS\Prefetch
2011-11-13 20:18:01 ----D---- C:\Documents and Settings\Pepa\Data aplikací\Skype
2011-11-13 20:17:10 ----D---- C:\Documents and Settings\Pepa\Data aplikací\skypePM
2011-11-13 20:14:08 ----D---- C:\WINDOWS
2011-11-13 03:18:20 ----D---- C:\WINDOWS\system32
2011-11-13 03:17:36 ----D---- C:\WINDOWS\system32\CatRoot2
2011-11-13 03:02:06 ----HD---- C:\WINDOWS\inf
2011-11-13 03:01:52 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-11-13 03:01:35 ----SHD---- C:\WINDOWS\Installer
2011-11-12 23:48:27 ----D---- C:\WINDOWS\system32\drivers
2011-11-12 23:45:12 ----SD---- C:\WINDOWS\Tasks
2011-11-12 23:30:37 ----A---- C:\WINDOWS\system.ini
2011-11-12 23:26:19 ----D---- C:\WINDOWS\system32\drivers\etc
2011-11-12 23:22:30 ----D---- C:\WINDOWS\system32\config
2011-11-12 21:07:55 ----D---- C:\WINDOWS\AppPatch
2011-11-12 21:07:50 ----D---- C:\Program Files\Common Files
2011-11-12 13:13:24 ----D---- C:\WINDOWS\system32\CatRoot
2011-11-11 23:31:43 ----D---- C:\WINDOWS\system32\1033
2011-11-10 23:21:54 ----RD---- C:\Program Files
2011-11-10 23:19:14 ----RASH---- C:\boot.ini
2011-11-10 22:34:09 ----D---- C:\WINDOWS\WinSxS
2011-11-10 20:53:11 ----D---- C:\WINDOWS\Debug
2011-11-10 20:52:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-11-10 03:00:23 ----A---- C:\WINDOWS\system32\MRT.exe
2011-11-02 13:19:33 ----D---- C:\WINDOWS\Microsoft.NET
2011-11-01 01:27:25 ----RSD---- C:\WINDOWS\assembly
2011-10-18 09:34:21 ----D---- C:\Program Files\Microsoft Silverlight
2011-10-18 09:34:18 ----D---- C:\Program Files\DesetiPrsty
2011-10-17 12:18:56 ----D---- C:\Program Files\Unlocker

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-10-01 717296]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-09-06 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-09-06 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-09-06 442200]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-09-06 320856]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-09-06 52568]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-09-06 20568]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-09-06 110552]
R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2007-07-26 11264]
R3 BTKRNL;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2008-04-15 990632]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-12-19 5854688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-16 4747776]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-03-12 36864]
R3 RT80x86;Ralink 802.11n Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2860.sys [2008-03-28 625024]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 aondahbj;aondahbj; C:\WINDOWS\system32\drivers\aondahbj.sys []
S3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2008-04-15 534440]
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys []
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys []
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys []
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-03-27 47272]
S3 catchme;catchme; \??\C:\ComboFix\catchmepgwn.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 ivusb;Initio Driver for USB Default Controller; C:\WINDOWS\system32\DRIVERS\ivusb.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-04-14 342624]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-09-07 153376]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Please check my log, drive C is filling up uncontrollably

Posted: 13 Nov 2011 20:54
by Rudy
You ran a ComboFix scan on 10 Nov. Please post its log. You will find it at C:\comobfix.txt. If you run an RSIT scan after it, the result will be clean; ComboFix wipes all traces. Besides, this way you risk bringing the system down.

Re: Please check my log, drive C is filling up uncontrollably

Posted: 13 Nov 2011 22:31
by Evergreen5
Yes, I did that. Unfortunately the log did not turn out right, so I deleted it. In fact it contained only the number 7. Should I try to make a new one? Or one from HJT?

Re: Please check my log, drive C is filling up uncontrollably

Posted: 13 Nov 2011 22:51
by Rudy
Yes. Try it in Safe Mode.

Re: Please check my log, drive C is filling up uncontrollably

Posted: 14 Nov 2011 17:18
by Evergreen5
So here is the log from ComboFix.


ComboFix 11-11-11.06 - Pepa 2011-11-14 13:40:27.9.2 - x86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1029.18.1015.704 [GMT 1:00]
Spuštěný z: c:\documents and settings\Pepa\Plocha\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-10-14 do 2011-11-14 )))))))))))))))))))))))))))))))
.
.
2011-11-13 19:26 . 2011-11-13 19:27 -------- d-----w- C:\rsit
2011-11-11 19:42 . 2011-11-11 19:42 390144 ----a-w- c:\windows\system32\cmd.execf
2011-11-11 18:27 . 2011-11-11 18:26 390144 ----a-w- c:\windows\system32\CF7779.exe
2011-11-11 12:18 . 2011-11-11 12:17 390144 ----a-w- c:\windows\system32\CF999.exe
2011-11-10 22:21 . 2011-11-13 19:27 -------- d-----w- c:\program files\trend micro
2011-11-10 21:38 . 2011-09-06 21:36 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-10 21:38 . 2011-09-06 21:37 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-10 21:38 . 2011-09-06 21:36 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-10 21:38 . 2011-09-06 21:36 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-10 21:38 . 2011-09-06 21:38 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-10 21:38 . 2011-09-06 21:36 110552 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-11-10 21:38 . 2011-09-06 21:36 104536 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-11-10 21:38 . 2011-09-06 21:33 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-11-10 21:32 . 2011-09-06 21:45 41184 ----a-w- c:\windows\avastSS.scr
2011-11-10 21:32 . 2011-09-06 21:45 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-09 18:11 . 2011-11-11 18:04 -------- d--h--w- c:\windows\$hf_mig$
2011-11-09 12:32 . 2011-11-09 12:32 -------- d-----w- c:\documents and settings\Pepa\Data aplikací\Malwarebytes
2011-11-09 12:32 . 2011-11-09 12:32 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-11-09 12:32 . 2011-08-31 16:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-09 12:32 . 2011-11-09 12:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-11-08 19:06 . 2011-11-10 21:25 -------- d-----w- c:\program files\AVAST Software
2011-11-08 19:06 . 2011-11-10 21:25 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-11-05 15:17 . 2011-11-05 15:17 -------- d-----w- c:\documents and settings\Pepa\Local Settings\Data aplikací\PCHealth
2011-11-02 11:53 . 2011-11-02 11:53 -------- d-----w- c:\program files\PCNetSoftware
2011-11-02 10:43 . 2011-11-02 10:43 -------- d-----w- c:\program files\Passware
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-10 14:22 . 2008-05-15 07:48 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06 . 2008-05-07 21:57 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 09:41 . 2008-05-07 21:58 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2007-10-09 11:03 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2008-05-07 21:58 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-06 14:10 . 2008-05-07 21:58 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-09-05 13:56 . 2008-05-07 21:58 668160 ----a-w- c:\windows\system32\wininet.dll
2011-09-05 13:56 . 2008-05-07 21:58 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-09-05 13:56 . 2008-05-07 21:57 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-09-05 13:55 . 2008-05-07 21:57 370176 ----a-w- c:\windows\system32\html.iec
2011-08-17 13:49 . 2008-05-07 21:56 138496 ----a-w- c:\windows\system32\drivers\afd.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 21:45 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072]
"Adobe Reader Speed Launcher"="d:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"AsusTray"="c:\program files\EeePC\ACPI\AsTray.exe" [2008-06-03 98304]
"AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2008-06-03 479232]
"AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2008-05-20 94208]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-13 69632]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
AutoRun OSCleaner.lnk - c:\program files\ASUS\Asus OS Cleaner\AsOSCleaner.exe [2008-8-26 118784]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-4-14 596584]
SuperHybridEngine.lnk - c:\program files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [2008-7-21 303104]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dxdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2008-10-01 717296]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-11-10 442200]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-11-10 320856]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-11-10 20568]
S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys --> c:\windows\system32\DRIVERS\ivusb.sys [?]
S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [2008-08-26 625024]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-11-14 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2674653762-1354303810-694300319-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-01-24 13:25]
.
2011-11-03 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2674653762-1354303810-694300319-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-01-24 13:25]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
uInternet Connection Wizard,ShellNext = iexplore
IE: Odeslat do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat do zařízení Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Google Chrome - c:\documents and settings\Pepa\Local Settings\Data aplikací\Google\Chrome\Application\13.0.782.220\Installer\setup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-14 13:48
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ASUS-PHISON_SSD rev.TST2.04U -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T1L0-e
.
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user != kernel MBR !!!
sectors 7880542 (+255): user != kernel
.
**************************************************************************
.
Celkový čas: 2011-11-14 13:54:08
ComboFix-quarantined-files.txt 2011-11-14 12:54
.
Před spuštěním: 67,809,280
Po spuštění: 49,627,136
.
- - End Of File - - D03FCE939D2BE61FDA17EBC51875FC64

Re: Please check my log, drive C is filling up uncontrollably

Posted: 14 Nov 2011 18:08
by Rudy
Download and run TDSSKiller: http://support.kaspersky.com/downloads/ ... killer.zip . Run it, perform a scan and post the log:

Re: Please check my log, drive C is filling up uncontrollably

Posted: 14 Nov 2011 18:28
by Evergreen5
18:24:53.0765 3216 TDSS rootkit removing tool 2.6.18.0 Nov 11 2011 15:47:15
18:24:55.0765 3216 ============================================================
18:24:55.0765 3216 Current date / time: 2011/11/14 18:24:55.0765
18:24:55.0765 3216 SystemInfo:
18:24:55.0765 3216
18:24:55.0765 3216 OS Version: 5.1.2600 ServicePack: 3.0
18:24:55.0765 3216 Product type: Workstation
18:24:55.0765 3216 ComputerName: YOUR-YIOCD0LLFE
18:24:55.0765 3216 UserName: Pepa
18:24:55.0765 3216 Windows directory: C:\WINDOWS
18:24:55.0765 3216 System windows directory: C:\WINDOWS
18:24:55.0765 3216 Processor architecture: Intel x86
18:24:55.0765 3216 Number of processors: 2
18:24:55.0765 3216 Page size: 0x1000
18:24:55.0765 3216 Boot type: Normal boot
18:24:55.0765 3216 ============================================================
18:24:59.0687 3216 Initialize success
18:25:22.0703 2028 ============================================================
18:25:22.0703 2028 Scan started
18:25:22.0703 2028 Mode: Manual;
18:25:22.0703 2028 ============================================================
18:25:23.0234 2028 Aavmker4 (95d1de2a6613494e853a9738d5d9acd4) C:\WINDOWS\system32\drivers\Aavmker4.sys
18:25:23.0250 2028 Aavmker4 - ok
18:25:23.0265 2028 Abiosdsk - ok
18:25:23.0296 2028 abp480n5 - ok
18:25:23.0343 2028 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:25:23.0359 2028 ACPI - ok
18:25:23.0375 2028 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
18:25:23.0390 2028 ACPIEC - ok
18:25:23.0406 2028 adpu160m - ok
18:25:23.0453 2028 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
18:25:23.0453 2028 aec - ok
18:25:23.0484 2028 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
18:25:23.0500 2028 AFD - ok
18:25:23.0515 2028 Aha154x - ok
18:25:23.0546 2028 aic78u2 - ok
18:25:23.0578 2028 aic78xx - ok
18:25:23.0625 2028 AliIde - ok
18:25:23.0656 2028 amsint - ok
18:25:23.0687 2028 asc - ok
18:25:23.0718 2028 asc3350p - ok
18:25:23.0750 2028 asc3550 - ok
18:25:23.0796 2028 AsusACPI (784fcb197f9a50a419d8ce4980655ae4) C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys
18:25:23.0812 2028 AsusACPI - ok
18:25:23.0843 2028 aswFsBlk (c47623ffd181a1e7d63574dde2a0a711) C:\WINDOWS\system32\drivers\aswFsBlk.sys
18:25:23.0843 2028 aswFsBlk - ok
18:25:23.0875 2028 aswMon2 (fff2dbb17a3c89f87f78d5fa72ca47fd) C:\WINDOWS\system32\drivers\aswMon2.sys
18:25:23.0875 2028 aswMon2 - ok
18:25:23.0906 2028 aswRdr (36239e24470a3dd81fae37510953cc6c) C:\WINDOWS\system32\drivers\aswRdr.sys
18:25:23.0906 2028 aswRdr - ok
18:25:23.0968 2028 aswSnx (caa846e9c83836bdc3d2d700c678db65) C:\WINDOWS\system32\drivers\aswSnx.sys
18:25:23.0968 2028 aswSnx - ok
18:25:24.0015 2028 aswSP (748ae7f2d7da33adb063fe05704a9969) C:\WINDOWS\system32\drivers\aswSP.sys
18:25:24.0031 2028 aswSP - ok
18:25:24.0046 2028 aswTdi (ca9925ce1dbd07ffe1eb357752cf5577) C:\WINDOWS\system32\drivers\aswTdi.sys
18:25:24.0062 2028 aswTdi - ok
18:25:24.0078 2028 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:25:24.0093 2028 AsyncMac - ok
18:25:24.0125 2028 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
18:25:24.0125 2028 atapi - ok
18:25:24.0156 2028 Atdisk - ok
18:25:24.0187 2028 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:25:24.0187 2028 Atmarpc - ok
18:25:24.0218 2028 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
18:25:24.0218 2028 audstub - ok
18:25:24.0265 2028 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
18:25:24.0281 2028 Beep - ok
18:25:24.0343 2028 btaudio (faba1418646a2b433c0bded6ff92d2fa) C:\WINDOWS\system32\drivers\btaudio.sys
18:25:24.0375 2028 btaudio - ok
18:25:24.0390 2028 BTDriver - ok
18:25:24.0468 2028 BTKRNL (aef038061bc1cafb4865d43a85beb1a1) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
18:25:24.0500 2028 BTKRNL - ok
18:25:24.0531 2028 BTWDNDIS - ok
18:25:24.0562 2028 btwhid - ok
18:25:24.0593 2028 BTWUSB (179a37c86fd2b9cc28eb93d093d394c7) C:\WINDOWS\system32\Drivers\btwusb.sys
18:25:24.0593 2028 BTWUSB - ok
18:25:24.0609 2028 catchme - ok
18:25:24.0640 2028 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
18:25:24.0640 2028 cbidf2k - ok
18:25:24.0671 2028 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
18:25:24.0687 2028 CCDECODE - ok
18:25:24.0703 2028 cd20xrnt - ok
18:25:24.0734 2028 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
18:25:24.0750 2028 Cdaudio - ok
18:25:24.0781 2028 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
18:25:24.0781 2028 Cdfs - ok
18:25:24.0812 2028 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:25:24.0812 2028 Cdrom - ok
18:25:24.0843 2028 Changer - ok
18:25:24.0890 2028 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
18:25:24.0890 2028 CmBatt - ok
18:25:24.0921 2028 CmdIde - ok
18:25:24.0953 2028 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
18:25:24.0953 2028 Compbatt - ok
18:25:25.0015 2028 Cpqarray - ok
18:25:25.0046 2028 dac2w2k - ok
18:25:25.0078 2028 dac960nt - ok
18:25:25.0125 2028 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
18:25:25.0140 2028 Disk - ok
18:25:25.0203 2028 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
18:25:25.0250 2028 dmboot - ok
18:25:25.0281 2028 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
18:25:25.0296 2028 dmio - ok
18:25:25.0328 2028 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
18:25:25.0328 2028 dmload - ok
18:25:25.0359 2028 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
18:25:25.0375 2028 DMusic - ok
18:25:25.0406 2028 dpti2o - ok
18:25:25.0437 2028 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
18:25:25.0453 2028 drmkaud - ok
18:25:25.0515 2028 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
18:25:25.0531 2028 Fastfat - ok
18:25:25.0562 2028 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
18:25:25.0562 2028 Fdc - ok
18:25:25.0593 2028 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
18:25:25.0593 2028 Fips - ok
18:25:25.0625 2028 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
18:25:25.0640 2028 Flpydisk - ok
18:25:25.0671 2028 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
18:25:25.0671 2028 FltMgr - ok
18:25:25.0703 2028 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:25:25.0718 2028 Fs_Rec - ok
18:25:25.0750 2028 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:25:25.0765 2028 Ftdisk - ok
18:25:25.0781 2028 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:25:25.0796 2028 Gpc - ok
18:25:25.0828 2028 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
18:25:25.0828 2028 HDAudBus - ok
18:25:25.0875 2028 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:25:25.0875 2028 HidUsb - ok
18:25:25.0906 2028 hpn - ok
18:25:25.0953 2028 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
18:25:25.0968 2028 HTTP - ok
18:25:26.0000 2028 i2omgmt - ok
18:25:26.0031 2028 i2omp - ok
18:25:26.0062 2028 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:25:26.0062 2028 i8042prt - ok
18:25:26.0390 2028 ialm (0f68e2ec713f132ffb19e45415b09679) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
18:25:26.0687 2028 ialm - ok
18:25:26.0734 2028 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
18:25:26.0750 2028 Imapi - ok
18:25:26.0781 2028 ini910u - ok
18:25:26.0812 2028 IntcAzAudAddService - ok
18:25:26.0843 2028 IntelIde - ok
18:25:26.0875 2028 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:25:26.0890 2028 intelppm - ok
18:25:26.0921 2028 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
18:25:26.0921 2028 Ip6Fw - ok
18:25:26.0953 2028 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:25:26.0953 2028 IpFilterDriver - ok
18:25:26.0984 2028 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:25:26.0984 2028 IpInIp - ok
18:25:27.0015 2028 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:25:27.0031 2028 IpNat - ok
18:25:27.0062 2028 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:25:27.0078 2028 IPSec - ok
18:25:27.0093 2028 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
18:25:27.0109 2028 IRENUM - ok
18:25:27.0140 2028 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:25:27.0140 2028 isapnp - ok
18:25:27.0171 2028 ivusb - ok
18:25:27.0218 2028 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:25:27.0218 2028 Kbdclass - ok
18:25:27.0250 2028 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:25:27.0250 2028 kbdhid - ok
18:25:27.0281 2028 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
18:25:27.0296 2028 kmixer - ok
18:25:27.0328 2028 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
18:25:27.0328 2028 KSecDD - ok
18:25:27.0359 2028 L1e (303627228dd739d98289679901a38c8f) C:\WINDOWS\system32\DRIVERS\l1e51x86.sys
18:25:27.0375 2028 L1e - ok
18:25:27.0406 2028 lbrtfdc - ok
18:25:27.0468 2028 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
18:25:27.0484 2028 mnmdd - ok
18:25:27.0515 2028 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
18:25:27.0515 2028 Modem - ok
18:25:27.0546 2028 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:25:27.0562 2028 Mouclass - ok
18:25:27.0578 2028 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:25:27.0593 2028 mouhid - ok
18:25:27.0609 2028 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
18:25:27.0625 2028 MountMgr - ok
18:25:27.0640 2028 mraid35x - ok
18:25:27.0687 2028 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:25:27.0703 2028 MRxDAV - ok
18:25:27.0750 2028 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:25:27.0781 2028 MRxSmb - ok
18:25:27.0812 2028 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
18:25:27.0828 2028 Msfs - ok
18:25:27.0859 2028 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:25:27.0875 2028 MSKSSRV - ok
18:25:27.0890 2028 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:25:27.0906 2028 MSPCLOCK - ok
18:25:27.0937 2028 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
18:25:27.0937 2028 MSPQM - ok
18:25:27.0968 2028 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:25:27.0968 2028 mssmbios - ok
18:25:28.0000 2028 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
18:25:28.0000 2028 MSTEE - ok
18:25:28.0031 2028 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
18:25:28.0046 2028 Mup - ok
18:25:28.0078 2028 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
18:25:28.0093 2028 NABTSFEC - ok
18:25:28.0125 2028 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
18:25:28.0140 2028 NDIS - ok
18:25:28.0171 2028 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
18:25:28.0171 2028 NdisIP - ok
18:25:28.0203 2028 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:25:28.0203 2028 NdisTapi - ok
18:25:28.0234 2028 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:25:28.0250 2028 Ndisuio - ok
18:25:28.0281 2028 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:25:28.0281 2028 NdisWan - ok
18:25:28.0312 2028 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
18:25:28.0312 2028 NDProxy - ok
18:25:28.0343 2028 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
18:25:28.0359 2028 NetBIOS - ok
18:25:28.0390 2028 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
18:25:28.0406 2028 NetBT - ok
18:25:28.0484 2028 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
18:25:28.0484 2028 Npfs - ok
18:25:28.0546 2028 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
18:25:28.0578 2028 Ntfs - ok
18:25:28.0609 2028 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
18:25:28.0625 2028 Null - ok
18:25:28.0656 2028 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:25:28.0656 2028 NwlnkFlt - ok
18:25:28.0781 2028 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:25:28.0781 2028 NwlnkFwd - ok
18:25:28.0828 2028 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\drivers\Parport.sys
18:25:28.0843 2028 Parport - ok
18:25:28.0875 2028 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
18:25:28.0875 2028 PartMgr - ok
18:25:28.0906 2028 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
18:25:28.0906 2028 ParVdm - ok
18:25:28.0937 2028 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
18:25:28.0953 2028 PCI - ok
18:25:28.0968 2028 PCIDump - ok
18:25:29.0015 2028 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
18:25:29.0015 2028 PCIIde - ok
18:25:29.0046 2028 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
18:25:29.0062 2028 Pcmcia - ok
18:25:29.0078 2028 PDCOMP - ok
18:25:29.0109 2028 PDFRAME - ok
18:25:29.0140 2028 PDRELI - ok
18:25:29.0171 2028 PDRFRAME - ok
18:25:29.0203 2028 perc2 - ok
18:25:29.0234 2028 perc2hib - ok
18:25:29.0312 2028 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:25:29.0328 2028 PptpMiniport - ok
18:25:29.0359 2028 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
18:25:29.0375 2028 PSched - ok
18:25:29.0406 2028 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:25:29.0406 2028 Ptilink - ok
18:25:29.0437 2028 ql1080 - ok
18:25:29.0468 2028 Ql10wnt - ok
18:25:29.0500 2028 ql12160 - ok
18:25:29.0531 2028 ql1240 - ok
18:25:29.0562 2028 ql1280 - ok
18:25:29.0593 2028 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:25:29.0609 2028 RasAcd - ok
18:25:29.0640 2028 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:25:29.0656 2028 Rasl2tp - ok
18:25:29.0703 2028 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:25:29.0703 2028 RasPppoe - ok
18:25:29.0734 2028 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
18:25:29.0750 2028 Raspti - ok
18:25:29.0781 2028 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:25:29.0796 2028 Rdbss - ok
18:25:29.0812 2028 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:25:29.0828 2028 RDPCDD - ok
18:25:29.0875 2028 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
18:25:29.0890 2028 RDPWD - ok
18:25:29.0921 2028 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
18:25:29.0937 2028 redbook - ok
18:25:30.0031 2028 RT80x86 (162d6aee49372b9ce17c418cc5cde7b5) C:\WINDOWS\system32\DRIVERS\RT2860.sys
18:25:30.0062 2028 RT80x86 - ok
18:25:30.0125 2028 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:25:30.0125 2028 Secdrv - ok
18:25:30.0171 2028 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\drivers\Serial.sys
18:25:30.0187 2028 Serial - ok
18:25:30.0250 2028 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
18:25:30.0250 2028 Sfloppy - ok
18:25:30.0296 2028 Simbad - ok
18:25:30.0328 2028 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
18:25:30.0343 2028 SLIP - ok
18:25:30.0375 2028 Sparrow - ok
18:25:30.0406 2028 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
18:25:30.0406 2028 splitter - ok
18:25:30.0484 2028 sptd (71e276f6d189413266ea22171806597b) C:\WINDOWS\system32\Drivers\sptd.sys
18:25:30.0484 2028 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b
18:25:30.0500 2028 sptd ( LockedFile.Multi.Generic ) - warning
18:25:30.0500 2028 sptd - detected LockedFile.Multi.Generic (1)
18:25:30.0531 2028 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
18:25:30.0531 2028 sr - ok
18:25:30.0593 2028 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
18:25:30.0609 2028 Srv - ok
18:25:30.0656 2028 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
18:25:30.0671 2028 streamip - ok
18:25:30.0796 2028 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
18:25:30.0796 2028 swenum - ok
18:25:30.0828 2028 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
18:25:30.0843 2028 swmidi - ok
18:25:30.0875 2028 symc810 - ok
18:25:30.0906 2028 symc8xx - ok
18:25:30.0937 2028 sym_hi - ok
18:25:30.0968 2028 sym_u3 - ok
18:25:31.0000 2028 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
18:25:31.0015 2028 sysaudio - ok
18:25:31.0078 2028 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:25:31.0093 2028 Tcpip - ok
18:25:31.0125 2028 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
18:25:31.0140 2028 TDPIPE - ok
18:25:31.0171 2028 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
18:25:31.0171 2028 TDTCP - ok
18:25:31.0203 2028 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
18:25:31.0218 2028 TermDD - ok
18:25:31.0265 2028 TosIde - ok
18:25:31.0312 2028 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
18:25:31.0328 2028 Udfs - ok
18:25:31.0359 2028 ultra - ok
18:25:31.0406 2028 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
18:25:31.0437 2028 Update - ok
18:25:31.0468 2028 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:25:31.0484 2028 usbccgp - ok
18:25:31.0515 2028 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:25:31.0515 2028 usbehci - ok
18:25:31.0546 2028 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:25:31.0562 2028 usbhub - ok
18:25:31.0593 2028 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:25:31.0593 2028 usbscan - ok
18:25:31.0625 2028 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:25:31.0640 2028 usbstor - ok
18:25:31.0671 2028 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:25:31.0671 2028 usbuhci - ok
18:25:31.0750 2028 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
18:25:31.0750 2028 usbvideo - ok
18:25:31.0781 2028 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
18:25:31.0796 2028 VgaSave - ok
18:25:31.0812 2028 ViaIde - ok
18:25:31.0859 2028 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
18:25:31.0859 2028 VolSnap - ok
18:25:31.0921 2028 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:25:31.0937 2028 Wanarp - ok
18:25:31.0953 2028 WDICA - ok
18:25:32.0000 2028 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
18:25:32.0000 2028 wdmaud - ok
18:25:32.0125 2028 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
18:25:32.0140 2028 WSTCODEC - ok
18:25:32.0203 2028 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
18:25:32.0453 2028 \Device\Harddisk0\DR0 - ok
18:25:32.0468 2028 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
18:25:32.0484 2028 \Device\Harddisk1\DR1 - ok
18:25:32.0500 2028 Boot (0x1200) (60bf6fa4e90c731f161e4c9ed96280de) \Device\Harddisk0\DR0\Partition0
18:25:32.0500 2028 \Device\Harddisk0\DR0\Partition0 - ok
18:25:32.0515 2028 Boot (0x1200) (2fe00d2ebe73e45023ce852edeedbbc1) \Device\Harddisk1\DR1\Partition0
18:25:32.0515 2028 \Device\Harddisk1\DR1\Partition0 - ok
18:25:32.0515 2028 ============================================================
18:25:32.0515 2028 Scan finished
18:25:32.0515 2028 ============================================================
18:25:32.0546 0860 Detected object count: 1
18:25:32.0546 0860 Actual detected object count: 1
18:27:00.0812 0860 sptd ( LockedFile.Multi.Generic ) - skipped by user
18:27:00.0812 0860 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
18:27:34.0593 3724 Deinitialize success

Re: Please check my log, drive C is filling up uncontrollably

Posted: 14 Nov 2011 18:40
by Rudy
OK. Has anything changed?

Re: Please check my log, drive C is filling up uncontrollably

Posted: 14 Nov 2011 18:53
by Evergreen5
A few dozen megabytes have been freed up on drive C.

Re: Please check my log, drive C is filling up uncontrollably

Posted: 14 Nov 2011 19:23
by Márty84
Good evening. Sorry for butting in, Rudy :oops:

I'm afraid the problem is also here:
8 MB (0%) free of 4 GB
XP is fairly small, but with the service packs plus other updates it adds up. So even after removing the infection, cleaning up with e.g. CCleaner and possibly defragmenting, you probably still won't have much space left. The capacity would need to be increased :?:
But maybe Rudy will prove me wrong and have better news :)

Re: Please check my log, drive C is filling up uncontrollably

Posted: 14 Nov 2011 19:38
by Rudy
Márty84 wrote: Good evening. Sorry for butting in, Rudy :oops:

I'm afraid the problem is also here:
8 MB (0%) free of 4 GB
XP is fairly small, but with the service packs plus other updates it adds up. So even after removing the infection, cleaning up with e.g. CCleaner and possibly defragmenting, you probably still won't have much space left. The capacity would need to be increased :?:
But maybe Rudy will prove me wrong and have better news :)
OK. The user said that his disk started filling up out of nowhere. The fact that it is full may be a consequence of that. You are right that the partition is small even for WinXP plus applications.

2Evergreen5: Now watch whether the free space starts shrinking again. If it does, run a scan with AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 and post the log.

Re: Please check my log, drive C is filling up uncontrollably

Posted: 14 Nov 2011 20:04
by Evergreen5
Thank you for your help.
So you think there is nothing else related to the virus that could be removed?

Re: Please check my log, drive C is filling up uncontrollably

Posted: 14 Nov 2011 20:54
by Rudy
I think that, as far as viruses go, it's OK. But you will probably have to repartition the disk.