
Please check my log

Posted: 21 Mar 2013 10:30
by jarda.otta
Hello. I would like to ask for a check of the log from a friend's computer. A recently installed XP SP3 system, and already unbelievably slow. Both Mozilla and IE take 100% of resources, so the computer is uncontrollable. When the browser is idle the usage drops, but as soon as I move the mouse in it, it shoots up to 90 to 100. And one more oddity. When I try to remove the svchost.exe NETWORK SERVICE entry in the file manager, the very familiar message pops up: THE SYSTEM IS SHUTTING DOWN. SAVE ALL WORK IN PROGRESS AND LOG OFF. ANY UNSAVED CHANGES WILL BE LOST. THE SHUTDOWN WAS INITIATED BY NT AUTHORITY/SYSTEM...........etc.
Thank you, and here is the log from RSIT.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Já at 2013-03-21 09:07:43
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 29 GB (77%) free of 38 GB
Total RAM: 511 MB (24% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:08:44, on 21.3.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Já\Dokumenty\Stažené soubory\RSIT(1).exe
C:\Program Files\trend micro\Já.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10q_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Session Launcher Service (FUSServices) - Unknown owner - C:\WINDOWS\system32\FUSServices.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 5163 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Já\Data aplikací\Mozilla\Firefox\Profiles\yubrxop1.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "jqs@sun.com:1.0, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, wrc@avast.com:20110101, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-09 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-07 4767304]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2007-11-13 29984]
"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2007-11-13 46368]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-02-29 17148552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\WINDOWS\system32\Macromed\Flash\FlashUtil10q_Plugin.exe -update plugin []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\reset]
regedit /s reset.reg []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3]
C:\WINDOWS\vsnpstd3.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnpstd3]
C:\WINDOWS\tsnpstd3.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2011-04-11 399736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Aktualizovat ESET licenci.lnk]
C:\PROGRA~1\ESET\MINODL~1\MINODL~1.EXE -u -d 10000 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [1999-02-17 65588]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"C:\Program Files\MSI\MyGuard Live\MyGuard Live.exe"="C:\Program Files\MSI\MyGuard Live\MyGuard Live.exe:*:Enabled:MyGuard"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"wave1"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-03-21 09:07:51 ----D---- C:\Program Files\trend micro
2013-03-21 09:07:43 ----D---- C:\rsit
2013-03-19 23:07:27 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-03-19 22:09:46 ----D---- C:\WINDOWS\LastGood
2013-03-18 09:25:25 ----D---- C:\WINDOWS\SxsCaPendDel
2013-03-13 17:01:14 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2013-03-13 17:01:12 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2013-03-13 17:01:11 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys

======List of files/folders modified in the last 1 month======

2013-03-21 09:07:51 ----RD---- C:\Program Files
2013-03-21 09:07:49 ----D---- C:\WINDOWS\Prefetch
2013-03-21 09:01:03 ----D---- C:\WINDOWS
2013-03-21 08:58:59 ----D---- C:\WINDOWS\Temp
2013-03-20 08:21:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-03-20 00:19:02 ----D---- C:\Documents and Settings\Já\Data aplikací\Skype
2013-03-19 23:52:35 ----SD---- C:\WINDOWS\Tasks
2013-03-19 23:24:27 ----D---- C:\WINDOWS\system32
2013-03-19 22:34:36 ----HD---- C:\WINDOWS\inf
2013-03-19 22:26:38 ----HD---- C:\WINDOWS\$hf_mig$
2013-03-19 22:09:46 ----D---- C:\WINDOWS\system32\CatRoot2
2013-03-18 11:06:40 ----D---- C:\WINDOWS\twain_32
2013-03-18 11:06:40 ----A---- C:\WINDOWS\win.ini
2013-03-18 11:06:36 ----D---- C:\WINDOWS\system32\drivers
2013-03-18 11:05:47 ----SHD---- C:\WINDOWS\Installer
2013-03-18 09:26:25 ----DC---- C:\WINDOWS\system32\DRVSTORE
2013-03-07 00:32:42 ----A---- C:\WINDOWS\system32\aswBoot.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-03-07 49248]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2013-03-07 49760]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-03-07 765736]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-03-07 368176]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-03-07 62376]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-03-07 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-03-07 164736]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 LVHybrid;LVHybrid service; C:\WINDOWS\system32\DRIVERS\LVHybrid.sys [2007-05-05 796032]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SNPSTD3;USB PC Camera (SNPSTD3); C:\WINDOWS\system32\DRIVERS\snpstd3.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 XMLDIUSB;XML USB Device Interface; C:\WINDOWS\System32\Drivers\XMLDIUSB.sys [2008-01-16 33152]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-07 45248]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-02-02 153376]
S2 FUSServices;Session Launcher Service; C:\WINDOWS\system32\FUSServices.exe [2008-08-27 10752]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-19 253656]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]

-----------------EOF-----------------

Re: Please check my log

Posted: 21 Mar 2013 16:43
by jarda.otta
jarda.otta wrote: it told me: ComboFix detected that the following security programs have resident shields enabled: avast! antivirus and ESET NOD32 Antivirus 4.2, and that these often interfere with ComboFix's operation, which can lead to unpredictable results and possible damage to the computer, and that I should shut them down. I turned it off wherever I could. There is no mention of it in Task Manager, and yet it still complains that the avast resident shield is running. So I ignored it, but it has been scanning not for 10 minutes or double that, as it says, but for 45 minutes already, and nothing appears. Just the message that it is scanning and a blank screen.
Here are those two logs, without ComboFix.


MBRScan v1.1.1

OS             : Windows XP Home Service Pack 3 (32 bit)
PROCESSOR      : x86 Family 6 Model 11 Stepping 4, GenuineIntel
BOOT           : Safe Boot
DATE           : 2013/03/21 (ISO 8601) at 12:13:27
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __ST340014A (3.10)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : YES
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

DISK           : Device\Harddisk1\DR2 __ADATA USB Flash Drive (0.00)
BUS_TYPE       : (0x07)  USB
USE_PIO        : NO
MAX_TRANSFER   : 64 Kb
ALIGNMENT_MASK : byte aligned
________________________________________________________________________________

Device\Harddisk0\DR0	37.27 Go  [Fixed] ==> XP MBR Code

MBR_MD5   : A4A5A97E744409E8005836215B265F98
MBR_SHA1  : 3A54266C35E5AC99B5C9B02C61F9C2B31C4B0D49

Device\Harddisk0\Partition1	37.26 Go  	0x07 NTFS / HPFS __ BOOTABLE __
________________________________________________________________________________

Device\Harddisk1\DR2	30.23 Go  [Removable] ==> Unknown MBR Code

MBR_MD5   : 8A1D75B8B8616F9FF27A2D81FD4F5265
MBR_SHA1  : 737C2099FE9FC61DB537DA1B380901947A4E378E

Device\Harddisk1\Partition1	30.23 Go
________________________________________________________________________________

############################### Additional scan ################################

DRIVER  : C:\WINDOWS\System32\Drivers\dump_atapi.sys => Invisible on the disk
ADDRESS : 0xF81A7000
SIZE    : 96.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS => Invisible on the disk
ADDRESS : 0xF8A6A000
SIZE    : 8.0 Ko

SystemStartOptions : NOEXECUTE=OPTIN  FASTDETECT SAFEBOOT:MINIMAL SOS BOOTLOG NOGUIBOOT

________________________________________________________________________________

12:07:42.0046 1052 TDSS rootkit removing tool 2.7.11.0 Feb 9 2012 10:12:57
12:07:42.0109 1052 ============================================================
12:07:42.0109 1052 Current date / time: 2013/03/21 12:07:42.0109
12:07:42.0125 1052 SystemInfo:
12:07:42.0125 1052
12:07:42.0125 1052 OS Version: 5.1.2600 ServicePack: 3.0
12:07:42.0125 1052 Product type: Workstation
12:07:42.0125 1052 ComputerName: KR-959DB0BBD9DE
12:07:42.0125 1052 UserName: Já
12:07:42.0125 1052 Windows directory: C:\WINDOWS
12:07:42.0125 1052 System windows directory: C:\WINDOWS
12:07:42.0125 1052 Processor architecture: Intel x86
12:07:42.0125 1052 Number of processors: 1
12:07:42.0125 1052 Page size: 0x1000
12:07:42.0125 1052 Boot type: Safe boot
12:07:42.0125 1052 ============================================================
12:07:45.0265 1052 Drive \Device\Harddisk0\DR0 - Size: 0x951240000 (37.27 Gb), SectorSize: 0x200, Cylinders: 0x1301, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:07:45.0281 1052 Drive \Device\Harddisk1\DR2 - Size: 0x78E800000 (30.23 Gb), SectorSize: 0x200, Cylinders: 0xF69, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:07:45.0281 1052 \Device\Harddisk0\DR0:
12:07:45.0281 1052 MBR used
12:07:45.0281 1052 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A852C1
12:07:45.0281 1052 \Device\Harddisk1\DR2:
12:07:45.0296 1052 MBR used
12:07:45.0296 1052 \Device\Harddisk1\DR2\Partition0: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x3C73FC1
12:07:45.0375 1052 Initialize success
12:07:45.0375 1052 ============================================================
12:07:49.0593 1072 ============================================================
12:07:49.0593 1072 Scan started
12:07:49.0593 1072 Mode: Manual;
12:07:49.0593 1072 ============================================================
12:07:50.0718 1072 Abiosdsk - ok
12:07:50.0921 1072 abp480n5 - ok
12:07:51.0218 1072 ac97intc (0f2d66d5f08ebe2f77bb904288dcf6f0) C:\WINDOWS\system32\drivers\ac97intc.sys
12:07:51.0250 1072 ac97intc - ok
12:07:51.0609 1072 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:07:51.0687 1072 ACPI - ok
12:07:51.0968 1072 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
12:07:51.0968 1072 ACPIEC - ok
12:07:52.0343 1072 adpu160m - ok
12:07:52.0640 1072 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
12:07:52.0718 1072 aec - ok
12:07:53.0078 1072 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
12:07:53.0109 1072 AFD - ok
12:07:53.0406 1072 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
12:07:53.0421 1072 agp440 - ok
12:07:53.0640 1072 Aha154x - ok
12:07:53.0859 1072 aic78u2 - ok
12:07:54.0062 1072 aic78xx - ok
12:07:54.0312 1072 AliIde - ok
12:07:54.0515 1072 amsint - ok
12:07:54.0750 1072 asc - ok
12:07:55.0015 1072 asc3350p - ok
12:07:55.0203 1072 asc3550 - ok
12:07:55.0500 1072 aswFsBlk (ccda8d84fd02aec52e62f296433ae9dc) C:\WINDOWS\system32\drivers\aswFsBlk.sys
12:07:55.0515 1072 aswFsBlk - ok
12:07:55.0875 1072 aswMonFlt (a6e20e62871a28a0f1c05b1681848fa7) C:\WINDOWS\system32\drivers\aswMonFlt.sys
12:07:55.0890 1072 aswMonFlt - ok
12:07:56.0187 1072 aswRdr (c1a411b7ccd604554d96efdac2f83617) C:\WINDOWS\system32\drivers\aswRdr.sys
12:07:56.0203 1072 aswRdr - ok
12:07:56.0484 1072 aswRvrt (657a61979f40d67ca29716149766ffa7) C:\WINDOWS\system32\drivers\aswRvrt.sys
12:07:56.0500 1072 aswRvrt - ok
12:07:57.0109 1072 aswSnx (0e604867fc28f00d91cb0b00d2ec830d) C:\WINDOWS\system32\drivers\aswSnx.sys
12:07:57.0312 1072 aswSnx - ok
12:07:57.0703 1072 aswSP (6fc4aa106aa505394c908d37cccb9148) C:\WINDOWS\system32\drivers\aswSP.sys
12:07:57.0812 1072 aswSP - ok
12:07:58.0093 1072 aswTdi (33e21ffb063ca6c7e00d568467dc72e4) C:\WINDOWS\system32\drivers\aswTdi.sys
12:07:58.0125 1072 aswTdi - ok
12:07:58.0500 1072 aswVmm (edb0c9ba44b748e420cca989fd8b826e) C:\WINDOWS\system32\drivers\aswVmm.sys
12:07:58.0546 1072 aswVmm - ok
12:07:58.0796 1072 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:07:58.0796 1072 AsyncMac - ok
12:07:59.0031 1072 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
12:07:59.0031 1072 atapi - ok
12:07:59.0234 1072 Atdisk - ok
12:07:59.0500 1072 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:07:59.0531 1072 Atmarpc - ok
12:07:59.0859 1072 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
12:07:59.0859 1072 audstub - ok
12:08:00.0265 1072 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
12:08:00.0265 1072 Beep - ok
12:08:00.0625 1072 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
12:08:00.0640 1072 cbidf2k - ok
12:08:00.0953 1072 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
12:08:00.0953 1072 CCDECODE - ok
12:08:01.0234 1072 cd20xrnt - ok
12:08:01.0500 1072 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
12:08:01.0500 1072 Cdaudio - ok
12:08:01.0859 1072 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
12:08:01.0875 1072 Cdfs - ok
12:08:02.0109 1072 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:08:02.0125 1072 Cdrom - ok
12:08:02.0406 1072 Changer - ok
12:08:02.0687 1072 CmdIde - ok
12:08:02.0968 1072 Cpqarray - ok
12:08:03.0250 1072 dac2w2k - ok
12:08:03.0468 1072 dac960nt - ok
12:08:03.0765 1072 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
12:08:03.0781 1072 Disk - ok
12:08:04.0250 1072 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
12:08:04.0468 1072 dmboot - ok
12:08:04.0812 1072 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
12:08:04.0875 1072 dmio - ok
12:08:05.0203 1072 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
12:08:05.0203 1072 dmload - ok
12:08:05.0531 1072 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
12:08:05.0546 1072 DMusic - ok
12:08:05.0843 1072 dpti2o - ok
12:08:06.0140 1072 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
12:08:06.0140 1072 drmkaud - ok
12:08:06.0625 1072 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
12:08:06.0656 1072 Fastfat - ok
12:08:06.0968 1072 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
12:08:06.0984 1072 Fdc - ok
12:08:07.0296 1072 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
12:08:07.0312 1072 Fips - ok
12:08:07.0562 1072 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
12:08:07.0578 1072 Flpydisk - ok
12:08:07.0890 1072 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
12:08:07.0921 1072 FltMgr - ok
12:08:08.0187 1072 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:08:08.0187 1072 Fs_Rec - ok
12:08:08.0500 1072 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:08:08.0531 1072 Ftdisk - ok
12:08:08.0781 1072 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
12:08:08.0781 1072 gameenum - ok
12:08:09.0046 1072 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:08:09.0062 1072 Gpc - ok
12:08:09.0484 1072 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:08:09.0484 1072 HidUsb - ok
12:08:09.0734 1072 hpn - ok
12:08:10.0109 1072 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
12:08:10.0187 1072 HTTP - ok
12:08:10.0468 1072 i2omgmt - ok
12:08:10.0671 1072 i2omp - ok
12:08:10.0968 1072 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:08:10.0984 1072 i8042prt - ok
12:08:11.0281 1072 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
12:08:11.0296 1072 Imapi - ok
12:08:11.0578 1072 ini910u - ok
12:08:11.0875 1072 IntelIde (57d928e548b38502abba7a77a6eb7312) C:\WINDOWS\system32\DRIVERS\intelide.sys
12:08:11.0890 1072 IntelIde - ok
12:08:12.0125 1072 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
12:08:12.0140 1072 Ip6Fw - ok
12:08:12.0421 1072 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:08:12.0437 1072 IpFilterDriver - ok
12:08:12.0734 1072 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:08:12.0734 1072 IpInIp - ok
12:08:13.0015 1072 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:08:13.0046 1072 IpNat - ok
12:08:13.0343 1072 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:08:13.0359 1072 IPSec - ok
12:08:13.0578 1072 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
12:08:13.0578 1072 IRENUM - ok
12:08:13.0875 1072 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:08:13.0890 1072 isapnp - ok
12:08:14.0203 1072 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:08:14.0218 1072 Kbdclass - ok
12:08:14.0453 1072 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
12:08:14.0468 1072 kbdhid - ok
12:08:14.0718 1072 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
12:08:14.0765 1072 kmixer - ok
12:08:15.0046 1072 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
12:08:15.0093 1072 KSecDD - ok
12:08:15.0359 1072 lbrtfdc - ok
12:08:15.0921 1072 LVHybrid (75255840b7d5972c3005d7a9dbd5ba88) C:\WINDOWS\system32\DRIVERS\LVHybrid.sys
12:08:16.0125 1072 LVHybrid - ok
12:08:16.0437 1072 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
12:08:16.0437 1072 mnmdd - ok
12:08:16.0718 1072 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
12:08:16.0734 1072 Modem - ok
12:08:16.0984 1072 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:08:16.0984 1072 Mouclass - ok
12:08:17.0312 1072 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:08:17.0312 1072 mouhid - ok
12:08:17.0671 1072 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
12:08:17.0687 1072 MountMgr - ok
12:08:18.0015 1072 MPE (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
12:08:18.0031 1072 MPE - ok
12:08:18.0328 1072 mraid35x - ok
12:08:18.0625 1072 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:08:18.0671 1072 MRxDAV - ok
12:08:19.0062 1072 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:08:19.0187 1072 MRxSmb - ok
12:08:19.0531 1072 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
12:08:19.0531 1072 Msfs - ok
12:08:19.0875 1072 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:08:19.0890 1072 MSKSSRV - ok
12:08:20.0140 1072 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:08:20.0140 1072 MSPCLOCK - ok
12:08:20.0406 1072 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
12:08:20.0421 1072 MSPQM - ok
12:08:20.0703 1072 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:08:20.0703 1072 mssmbios - ok
12:08:21.0031 1072 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
12:08:21.0031 1072 MSTEE - ok
12:08:21.0359 1072 ms_mpu401 (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys
12:08:21.0359 1072 ms_mpu401 - ok
12:08:21.0609 1072 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
12:08:21.0656 1072 Mup - ok
12:08:22.0000 1072 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
12:08:22.0031 1072 NABTSFEC - ok
12:08:22.0421 1072 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
12:08:22.0468 1072 NDIS - ok
12:08:22.0765 1072 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
12:08:22.0765 1072 NdisIP - ok
12:08:23.0015 1072 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:08:23.0046 1072 NdisTapi - ok
12:08:23.0343 1072 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:08:23.0359 1072 Ndisuio - ok
12:08:23.0625 1072 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:08:23.0656 1072 NdisWan - ok
12:08:23.0906 1072 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
12:08:23.0921 1072 NDProxy - ok
12:08:24.0171 1072 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
12:08:24.0203 1072 NetBIOS - ok
12:08:24.0515 1072 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
12:08:24.0578 1072 NetBT - ok
12:08:24.0984 1072 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
12:08:25.0031 1072 Npfs - ok
12:08:25.0500 1072 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
12:08:25.0656 1072 Ntfs - ok
12:08:26.0000 1072 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
12:08:26.0000 1072 Null - ok
12:08:28.0140 1072 nv (9f4384aa43548ddd438f7b7825d11699) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
12:08:29.0875 1072 nv - ok
12:08:30.0171 1072 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:08:30.0187 1072 NwlnkFlt - ok
12:08:30.0468 1072 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:08:30.0484 1072 NwlnkFwd - ok
12:08:30.0750 1072 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
12:08:30.0781 1072 Parport - ok
12:08:31.0000 1072 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
12:08:31.0015 1072 PartMgr - ok
12:08:31.0281 1072 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
12:08:31.0296 1072 ParVdm - ok
12:08:31.0578 1072 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
12:08:31.0625 1072 PCI - ok
12:08:31.0906 1072 PCIDump - ok
12:08:32.0140 1072 PCIIde - ok
12:08:32.0484 1072 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
12:08:32.0531 1072 Pcmcia - ok
12:08:32.0750 1072 PDCOMP - ok
12:08:32.0968 1072 PDFRAME - ok
12:08:33.0187 1072 PDRELI - ok
12:08:33.0468 1072 PDRFRAME - ok
12:08:33.0656 1072 perc2 - ok
12:08:33.0890 1072 perc2hib - ok
12:08:34.0312 1072 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:08:34.0328 1072 PptpMiniport - ok
12:08:34.0656 1072 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
12:08:34.0671 1072 PSched - ok
12:08:34.0921 1072 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:08:34.0937 1072 Ptilink - ok
12:08:35.0218 1072 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
12:08:35.0234 1072 PxHelp20 - ok
12:08:35.0484 1072 ql1080 - ok
12:08:35.0671 1072 Ql10wnt - ok
12:08:35.0890 1072 ql12160 - ok
12:08:36.0093 1072 ql1240 - ok
12:08:36.0375 1072 ql1280 - ok
12:08:36.0640 1072 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:08:36.0640 1072 RasAcd - ok
12:08:36.0984 1072 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:08:37.0000 1072 Rasl2tp - ok
12:08:37.0281 1072 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:08:37.0296 1072 RasPppoe - ok
12:08:37.0546 1072 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
12:08:37.0562 1072 Raspti - ok
12:08:37.0906 1072 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:08:37.0953 1072 Rdbss - ok
12:08:38.0250 1072 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:08:38.0250 1072 RDPCDD - ok
12:08:38.0625 1072 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:08:38.0671 1072 rdpdr - ok
12:08:38.0984 1072 RDPWD (43af5212bd8fb5ba6eed9754358bd8f7) C:\WINDOWS\system32\drivers\RDPWD.sys
12:08:39.0015 1072 RDPWD - ok
12:08:39.0328 1072 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
12:08:39.0343 1072 redbook - ok
12:08:39.0734 1072 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
12:08:39.0734 1072 rtl8139 - ok
12:08:40.0093 1072 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:08:40.0125 1072 Secdrv - ok
12:08:40.0468 1072 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
12:08:40.0468 1072 serenum - ok
12:08:40.0718 1072 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
12:08:40.0765 1072 Serial - ok
12:08:40.0984 1072 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
12:08:40.0984 1072 Sfloppy - ok
12:08:41.0218 1072 Simbad - ok
12:08:41.0484 1072 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
12:08:41.0500 1072 SLIP - ok
12:08:41.0796 1072 SNPSTD3 - ok
12:08:42.0046 1072 Sparrow - ok
12:08:42.0328 1072 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
12:08:42.0328 1072 splitter - ok
12:08:42.0625 1072 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
12:08:42.0640 1072 sr - ok
12:08:43.0031 1072 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
12:08:43.0125 1072 Srv - ok
12:08:43.0484 1072 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:08:43.0515 1072 streamip - ok
12:08:43.0812 1072 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
12:08:43.0812 1072 swenum - ok
12:08:44.0078 1072 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
12:08:44.0093 1072 swmidi - ok
12:08:44.0406 1072 symc810 - ok
12:08:44.0640 1072 symc8xx - ok
12:08:44.0828 1072 sym_hi - ok
12:08:45.0046 1072 sym_u3 - ok
12:08:45.0296 1072 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
12:08:45.0312 1072 sysaudio - ok
12:08:45.0703 1072 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:08:45.0812 1072 Tcpip - ok
12:08:46.0140 1072 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
12:08:46.0140 1072 TDPIPE - ok
12:08:46.0406 1072 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
12:08:46.0421 1072 TDTCP - ok
12:08:46.0703 1072 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
12:08:46.0734 1072 TermDD - ok
12:08:47.0062 1072 TosIde - ok
12:08:47.0328 1072 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
12:08:47.0343 1072 Udfs - ok
12:08:47.0562 1072 ultra - ok
12:08:47.0937 1072 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
12:08:48.0046 1072 Update - ok
12:08:48.0421 1072 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
12:08:48.0437 1072 usbaudio - ok
12:08:48.0781 1072 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:08:48.0781 1072 usbccgp - ok
12:08:49.0078 1072 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:08:49.0093 1072 usbhub - ok
12:08:49.0390 1072 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:08:49.0406 1072 usbprint - ok
12:08:49.0734 1072 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:08:49.0734 1072 usbscan - ok
12:08:49.0968 1072 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:08:50.0000 1072 USBSTOR - ok
12:08:50.0281 1072 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:08:50.0296 1072 usbuhci - ok
12:08:50.0593 1072 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
12:08:50.0609 1072 VgaSave - ok
12:08:50.0828 1072 ViaIde - ok
12:08:51.0093 1072 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
12:08:51.0109 1072 VolSnap - ok
12:08:51.0437 1072 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:08:51.0437 1072 Wanarp - ok
12:08:51.0656 1072 WDICA - ok
12:08:51.0984 1072 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
12:08:52.0031 1072 wdmaud - ok
12:08:52.0593 1072 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:08:52.0625 1072 WSTCODEC - ok
12:08:52.0968 1072 XMLDIUSB (2882b6fd4297219e2319e899dfc48a39) C:\WINDOWS\system32\Drivers\XMLDIUSB.sys
12:08:52.0968 1072 XMLDIUSB - ok
12:08:53.0125 1072 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
12:08:53.0390 1072 \Device\Harddisk0\DR0 - ok
12:08:53.0484 1072 MBR (0x1B8) (739b36f7a373fc81121d831231b6d311) \Device\Harddisk1\DR2
12:08:53.0515 1072 \Device\Harddisk1\DR2 - ok
12:08:53.0562 1072 Boot (0x1200) (98358e9f63e03720ceecc9575a481225) \Device\Harddisk0\DR0\Partition0
12:08:53.0562 1072 \Device\Harddisk0\DR0\Partition0 - ok
12:08:53.0609 1072 Boot (0x1200) (abee1802b53f1171f4f8a0a5c98ba5f3) \Device\Harddisk1\DR2\Partition0
12:08:53.0625 1072 \Device\Harddisk1\DR2\Partition0 - ok
12:08:53.0640 1072 ============================================================
12:08:53.0640 1072 Scan finished
12:08:53.0640 1072 ============================================================
12:08:53.0734 1064 Detected object count: 0
12:08:53.0734 1064 Actual detected object count: 0

Re: please check my log

Posted: 21 Mar 2013 17:13
by jarda.otta
jarda.otta wrote:
jarda.otta wrote: It told me: ComboFix has detected that the following security programs have their resident shields enabled: avast! antivirus and ESET NOD32 Antivirus 4.2, and that they often interfere with ComboFix's operation, which can lead to unpredictable results and possible damage to the computer, and that I should shut them down. I turned them off wherever I could. There is no trace of it in Task Manager, and yet it still complains that the avast resident shield is running. So I ignored it, but it has been scanning not for 10 minutes or double that, as it says, but for 45 minutes already and nothing shows up. Just the message "scanning" and a blank screen.
Here are the two logs, without ComboFix.

Code:

MBRScan v1.1.1

OS             : Windows XP Home Service Pack 3 (32 bit)
PROCESSOR      : x86 Family 6 Model 11 Stepping 4, GenuineIntel
BOOT           : Safe Boot
DATE           : 2013/03/21 (ISO 8601) at 12:13:27

And here is the ComboFix log after an hour

ComboFix 13-03-20.02 - Já 21.03.2013  16:49:29.1.1 - x86 MINIMAL
Systém Microsoft Windows XP Professional  5.1.2600.3.1250.420.1029.18.511.418 [GMT 1:00]
Spuštěný z: c:\documents and settings\Já\Plocha\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
(((((((((((((((((((((((((((((((((((((((   Ostatní výmazy   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msmqinst.log
c:\windows\msxml4-KB973688-enu.LOG
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\regedit.com
c:\windows\system32\SET240.tmp
c:\windows\system32\taskmgr.com
c:\windows\system32\TZLog.log
.
.
(((((((((((((((((((((((((   Soubory vytvořené od 2013-02-21 do 2013-03-21  )))))))))))))))))))))))))))))))
.
.
2013-03-21 11:04 . 2001-10-24 10:54	12160	-c--a-w-	c:\windows\system32\dllcache\mouhid.sys
2013-03-21 11:04 . 2001-10-24 10:54	12160	----a-w-	c:\windows\system32\drivers\mouhid.sys
2013-03-21 10:12 . 2013-03-21 10:12	--------	d-----w-	c:\windows\LastGood
2013-03-21 10:05 . 2013-03-21 10:05	--------	d-----w-	c:\windows\nview
2013-03-21 10:05 . 2008-05-16 13:01	446464	----a-w-	c:\windows\system32\nvudisp.exe
2013-03-21 10:02 . 2008-05-16 10:48	446464	----a-w-	c:\windows\system32\NVUNINST.EXE
2013-03-21 10:02 . 2003-11-10 17:12	192512	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2013-03-21 10:01 . 2003-11-10 17:13	69715	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2013-03-21 10:01 . 2003-11-10 17:12	266240	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2013-03-21 10:01 . 2003-11-10 17:11	5632	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2013-03-21 10:01 . 2003-11-10 17:14	729088	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2013-03-21 10:01 . 2013-03-21 10:01	188548	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2013-03-21 10:01 . 2013-03-21 10:01	311428	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2013-03-21 08:07 . 2013-03-21 08:08	--------	d-----w-	c:\program files\trend micro
2013-03-21 08:07 . 2013-03-21 08:08	--------	d-----w-	C:\rsit
2013-03-19 22:07 . 2013-03-19 22:24	693976	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-03-19 21:20 . 2013-02-05 20:15	522240	-c----w-	c:\windows\system32\dllcache\jsdbgui.dll
2013-03-18 08:25 . 2013-03-19 20:43	--------	d-----w-	c:\windows\SxsCaPendDel
2013-03-13 16:01 . 2013-03-06 23:33	164736	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2013-03-13 16:01 . 2013-03-06 23:33	49248	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2013-03-13 16:01 . 2013-03-06 23:33	66336	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-19 22:24 . 2011-05-19 12:00	73432	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-06 23:33 . 2011-04-12 16:30	368176	----a-w-	c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2011-04-12 16:30	49760	----a-w-	c:\windows\system32\drivers\aswRdr.sys
2013-03-06 23:33 . 2011-04-12 16:29	765736	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2011-04-12 16:29	62376	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2011-04-12 16:30	29816	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:32 . 2011-04-12 16:29	41664	----a-w-	c:\windows\avastSS.scr
2013-03-06 23:32 . 2011-04-12 16:29	228600	----a-w-	c:\windows\system32\aswBoot.exe
2013-02-05 20:15 . 2004-08-17 13:49	916480	----a-w-	c:\windows\system32\wininet.dll
2013-02-05 20:15 . 2004-08-17 13:49	43520	------w-	c:\windows\system32\licmgr10.dll
2013-02-05 20:15 . 2004-08-17 13:49	1469440	------w-	c:\windows\system32\inetcpl.cpl
2013-02-05 05:53 . 2004-08-17 13:44	385024	----a-w-	c:\windows\system32\html.iec
2013-01-26 03:55 . 2004-08-17 13:49	552448	----a-w-	c:\windows\system32\oleaut32.dll
2013-01-07 07:26 . 2004-08-17 15:45	2071936	----a-w-	c:\windows\system32\ntkrnlpa.exe
2013-01-07 07:26 . 2004-08-17 13:45	2195200	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-01-04 10:10 . 2004-08-17 13:44	1867264	----a-w-	c:\windows\system32\win32k.sys
2013-01-02 06:49 . 2004-08-17 13:49	148992	----a-w-	c:\windows\system32\mpg2splt.ax
2013-01-02 06:49 . 2004-08-17 13:49	1294848	----a-w-	c:\windows\system32\quartz.dll
2013-03-21 09:31 . 2013-03-21 09:31	263064	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32	121968	----a-w-	c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-02-29 17148552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Aktualizovat ESET licenci.lnk]
backup=c:\windows\pss\Aktualizovat ESET licenci.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
path=c:\documents and settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\reset]
regedit [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 22:07	932288	----a-r-	c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-31 08:44	35760	----a-w-	c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-03-21 21:10	1230704	----a-w-	c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
2007-11-13 15:37	46368	----a-w-	c:\program files\ScanSoft\PaperPort\IndexSearch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 06:52	1695232	------w-	c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
2007-11-13 15:39	29984	----a-w-	c:\program files\ScanSoft\PaperPort\pptd40nt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-10-25 07:03	210472	----a-w-	c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-10-29 12:49	249064	----a-w-	c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2011-04-11 09:57	399736	----a-w-	c:\program files\uTorrent\uTorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
R2 FUSServices;Session Launcher Service;c:\windows\system32\FUSServices.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 aswVmm;aswVmm; [x]
R3 LVHybrid;LVHybrid service;c:\windows\system32\DRIVERS\LVHybrid.sys [x]
R3 XMLDIUSB;XML USB Device Interface;c:\windows\system32\Drivers\XMLDIUSB.sys [x]
S0 aswRvrt;aswRvrt; [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 22997196
*Deregistered* - 22997196
.
Obsah adresáře 'Naplánované úlohy'
.
2013-03-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-19 22:24]
.
2013-03-21 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-03-13 23:32]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
FF - ProfilePath - c:\documents and settings\Já\Data aplikací\Mozilla\Firefox\Profiles\yubrxop1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-snpstd3 - c:\windows\vsnpstd3.exe
MSConfigStartUp-tsnpstd3 - c:\windows\tsnpstd3.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-03-21 17:02
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...  
.
skenování skrytých položek 'Po spuštění' ... 
.
skenování skrytých souborů ...  
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2013-03-21  17:05:51
ComboFix-quarantined-files.txt  2013-03-21 16:05
.
Před spuštěním: Volných bajtů: 30 345 367 552
Po spuštění: Volných bajtů: 30 623 285 248
.
- - End Of File - - AE3A9597B1DE3C396EE7E6DC9DFB42BD

________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __ST340014A (3.10)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : YES
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

DISK           : Device\Harddisk1\DR2 __ADATA USB Flash Drive (0.00)
BUS_TYPE       : (0x07)  USB
USE_PIO        : NO
MAX_TRANSFER   : 64 Kb
ALIGNMENT_MASK : byte aligned
________________________________________________________________________________

Device\Harddisk0\DR0	37.27 Go  [Fixed] ==> XP MBR Code

MBR_MD5   : A4A5A97E744409E8005836215B265F98
MBR_SHA1  : 3A54266C35E5AC99B5C9B02C61F9C2B31C4B0D49

Device\Harddisk0\Partition1	37.26 Go  	0x07 NTFS / HPFS __ BOOTABLE __
________________________________________________________________________________

Device\Harddisk1\DR2	30.23 Go  [Removable] ==> Unknown MBR Code

MBR_MD5   : 8A1D75B8B8616F9FF27A2D81FD4F5265
MBR_SHA1  : 737C2099FE9FC61DB537DA1B380901947A4E378E

Device\Harddisk1\Partition1	30.23 Go
________________________________________________________________________________

############################### Additional scan ################################

DRIVER  : C:\WINDOWS\System32\Drivers\dump_atapi.sys => Invisible on the disk
ADDRESS : 0xF81A7000
SIZE    : 96.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS => Invisible on the disk
ADDRESS : 0xF8A6A000
SIZE    : 8.0 Ko

SystemStartOptions : NOEXECUTE=OPTIN  FASTDETECT SAFEBOOT:MINIMAL SOS BOOTLOG NOGUIBOOT

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0  

_______MBR   \Device\Harddisk1\DR2  

12:07:42.0046 1052 TDSS rootkit removing tool 2.7.11.0 Feb 9 2012 10:12:57
12:07:42.0109 1052 ============================================================
12:07:42.0109 1052 Current date / time: 2013/03/21 12:07:42.0109
12:07:42.0125 1052 SystemInfo:
12:07:42.0125 1052
12:07:42.0125 1052 OS Version: 5.1.2600 ServicePack: 3.0
12:07:42.0125 1052 Product type: Workstation
12:07:42.0125 1052 ComputerName: KR-959DB0BBD9DE
12:07:42.0125 1052 UserName: Já
12:07:42.0125 1052 Windows directory: C:\WINDOWS
12:07:42.0125 1052 System windows directory: C:\WINDOWS
12:07:42.0125 1052 Processor architecture: Intel x86
12:07:42.0125 1052 Number of processors: 1
12:07:42.0125 1052 Page size: 0x1000
12:07:42.0125 1052 Boot type: Safe boot
12:07:42.0125 1052 ============================================================
12:07:45.0265 1052 Drive \Device\Harddisk0\DR0 - Size: 0x951240000 (37.27 Gb), SectorSize: 0x200, Cylinders: 0x1301, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:07:45.0281 1052 Drive \Device\Harddisk1\DR2 - Size: 0x78E800000 (30.23 Gb), SectorSize: 0x200, Cylinders: 0xF69, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:07:45.0281 1052 \Device\Harddisk0\DR0:
12:07:45.0281 1052 MBR used
12:07:45.0281 1052 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A852C1
12:07:45.0281 1052 \Device\Harddisk1\DR2:
12:07:45.0296 1052 MBR used
12:07:45.0296 1052 \Device\Harddisk1\DR2\Partition0: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x3C73FC1
12:07:45.0375 1052 Initialize success
12:07:45.0375 1052 ============================================================
12:07:49.0593 1072 ============================================================
12:07:49.0593 1072 Scan started
12:07:49.0593 1072 Mode: Manual;
12:07:49.0593 1072 ============================================================
12:07:50.0718 1072 Abiosdsk - ok
12:07:50.0921 1072 abp480n5 - ok
12:07:51.0218 1072 ac97intc (0f2d66d5f08ebe2f77bb904288dcf6f0) C:\WINDOWS\system32\drivers\ac97intc.sys
12:07:51.0250 1072 ac97intc - ok
12:07:51.0609 1072 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:07:51.0687 1072 ACPI - ok
12:07:51.0968 1072 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
12:07:51.0968 1072 ACPIEC - ok
12:07:52.0343 1072 adpu160m - ok
12:07:52.0640 1072 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
12:07:52.0718 1072 aec - ok
12:07:53.0078 1072 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
12:07:53.0109 1072 AFD - ok
12:07:53.0406 1072 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
12:07:53.0421 1072 agp440 - ok
12:07:53.0640 1072 Aha154x - ok
12:07:53.0859 1072 aic78u2 - ok
12:07:54.0062 1072 aic78xx - ok
12:07:54.0312 1072 AliIde - ok
12:07:54.0515 1072 amsint - ok
12:07:54.0750 1072 asc - ok
12:07:55.0015 1072 asc3350p - ok
12:07:55.0203 1072 asc3550 - ok
12:07:55.0500 1072 aswFsBlk (ccda8d84fd02aec52e62f296433ae9dc) C:\WINDOWS\system32\drivers\aswFsBlk.sys
12:07:55.0515 1072 aswFsBlk - ok
12:07:55.0875 1072 aswMonFlt (a6e20e62871a28a0f1c05b1681848fa7) C:\WINDOWS\system32\drivers\aswMonFlt.sys
12:07:55.0890 1072 aswMonFlt - ok
12:07:56.0187 1072 aswRdr (c1a411b7ccd604554d96efdac2f83617) C:\WINDOWS\system32\drivers\aswRdr.sys
12:07:56.0203 1072 aswRdr - ok
12:07:56.0484 1072 aswRvrt (657a61979f40d67ca29716149766ffa7) C:\WINDOWS\system32\drivers\aswRvrt.sys
12:07:56.0500 1072 aswRvrt - ok
12:07:57.0109 1072 aswSnx (0e604867fc28f00d91cb0b00d2ec830d) C:\WINDOWS\system32\drivers\aswSnx.sys
12:07:57.0312 1072 aswSnx - ok
12:07:57.0703 1072 aswSP (6fc4aa106aa505394c908d37cccb9148) C:\WINDOWS\system32\drivers\aswSP.sys
12:07:57.0812 1072 aswSP - ok
12:07:58.0093 1072 aswTdi (33e21ffb063ca6c7e00d568467dc72e4) C:\WINDOWS\system32\drivers\aswTdi.sys
12:07:58.0125 1072 aswTdi - ok
12:07:58.0500 1072 aswVmm (edb0c9ba44b748e420cca989fd8b826e) C:\WINDOWS\system32\drivers\aswVmm.sys
12:07:58.0546 1072 aswVmm - ok
12:07:58.0796 1072 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:07:58.0796 1072 AsyncMac - ok
12:07:59.0031 1072 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
12:07:59.0031 1072 atapi - ok
12:07:59.0234 1072 Atdisk - ok
12:07:59.0500 1072 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:07:59.0531 1072 Atmarpc - ok
12:07:59.0859 1072 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
12:07:59.0859 1072 audstub - ok
12:08:00.0265 1072 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
12:08:00.0265 1072 Beep - ok
12:08:00.0625 1072 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
12:08:00.0640 1072 cbidf2k - ok
12:08:00.0953 1072 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
12:08:00.0953 1072 CCDECODE - ok
12:08:01.0234 1072 cd20xrnt - ok
12:08:01.0500 1072 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
12:08:01.0500 1072 Cdaudio - ok
12:08:01.0859 1072 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
12:08:01.0875 1072 Cdfs - ok
12:08:02.0109 1072 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:08:02.0125 1072 Cdrom - ok
12:08:02.0406 1072 Changer - ok
12:08:02.0687 1072 CmdIde - ok
12:08:02.0968 1072 Cpqarray - ok
12:08:03.0250 1072 dac2w2k - ok
12:08:03.0468 1072 dac960nt - ok
12:08:03.0765 1072 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
12:08:03.0781 1072 Disk - ok
12:08:04.0250 1072 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
12:08:04.0468 1072 dmboot - ok
12:08:04.0812 1072 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
12:08:04.0875 1072 dmio - ok
12:08:05.0203 1072 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
12:08:05.0203 1072 dmload - ok
12:08:05.0531 1072 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
12:08:05.0546 1072 DMusic - ok
12:08:05.0843 1072 dpti2o - ok
12:08:06.0140 1072 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
12:08:06.0140 1072 drmkaud - ok
12:08:06.0625 1072 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
12:08:06.0656 1072 Fastfat - ok
12:08:06.0968 1072 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
12:08:06.0984 1072 Fdc - ok
12:08:07.0296 1072 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
12:08:07.0312 1072 Fips - ok
12:08:07.0562 1072 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
12:08:07.0578 1072 Flpydisk - ok
12:08:07.0890 1072 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
12:08:07.0921 1072 FltMgr - ok
12:08:08.0187 1072 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:08:08.0187 1072 Fs_Rec - ok
12:08:08.0500 1072 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:08:08.0531 1072 Ftdisk - ok
12:08:08.0781 1072 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
12:08:08.0781 1072 gameenum - ok
12:08:09.0046 1072 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:08:09.0062 1072 Gpc - ok
12:08:09.0484 1072 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:08:09.0484 1072 HidUsb - ok
12:08:09.0734 1072 hpn - ok
12:08:10.0109 1072 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
12:08:10.0187 1072 HTTP - ok
12:08:10.0468 1072 i2omgmt - ok
12:08:10.0671 1072 i2omp - ok
12:08:10.0968 1072 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:08:10.0984 1072 i8042prt - ok
12:08:11.0281 1072 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
12:08:11.0296 1072 Imapi - ok
12:08:11.0578 1072 ini910u - ok
12:08:11.0875 1072 IntelIde (57d928e548b38502abba7a77a6eb7312) C:\WINDOWS\system32\DRIVERS\intelide.sys
12:08:11.0890 1072 IntelIde - ok
12:08:12.0125 1072 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
12:08:12.0140 1072 Ip6Fw - ok
12:08:12.0421 1072 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:08:12.0437 1072 IpFilterDriver - ok
12:08:12.0734 1072 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:08:12.0734 1072 IpInIp - ok
12:08:13.0015 1072 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:08:13.0046 1072 IpNat - ok
12:08:13.0343 1072 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:08:13.0359 1072 IPSec - ok
12:08:13.0578 1072 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
12:08:13.0578 1072 IRENUM - ok
12:08:13.0875 1072 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:08:13.0890 1072 isapnp - ok
12:08:14.0203 1072 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:08:14.0218 1072 Kbdclass - ok
12:08:14.0453 1072 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
12:08:14.0468 1072 kbdhid - ok
12:08:14.0718 1072 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
12:08:14.0765 1072 kmixer - ok
12:08:15.0046 1072 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
12:08:15.0093 1072 KSecDD - ok
12:08:15.0359 1072 lbrtfdc - ok
12:08:15.0921 1072 LVHybrid (75255840b7d5972c3005d7a9dbd5ba88) C:\WINDOWS\system32\DRIVERS\LVHybrid.sys
12:08:16.0125 1072 LVHybrid - ok
12:08:16.0437 1072 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
12:08:16.0437 1072 mnmdd - ok
12:08:16.0718 1072 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
12:08:16.0734 1072 Modem - ok
12:08:16.0984 1072 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:08:16.0984 1072 Mouclass - ok
12:08:17.0312 1072 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:08:17.0312 1072 mouhid - ok
12:08:17.0671 1072 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
12:08:17.0687 1072 MountMgr - ok
12:08:18.0015 1072 MPE (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
12:08:18.0031 1072 MPE - ok
12:08:18.0328 1072 mraid35x - ok
12:08:18.0625 1072 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:08:18.0671 1072 MRxDAV - ok
12:08:19.0062 1072 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:08:19.0187 1072 MRxSmb - ok
12:08:19.0531 1072 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
12:08:19.0531 1072 Msfs - ok
12:08:19.0875 1072 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:08:19.0890 1072 MSKSSRV - ok
12:08:20.0140 1072 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:08:20.0140 1072 MSPCLOCK - ok
12:08:20.0406 1072 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
12:08:20.0421 1072 MSPQM - ok
12:08:20.0703 1072 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:08:20.0703 1072 mssmbios - ok
12:08:21.0031 1072 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
12:08:21.0031 1072 MSTEE - ok
12:08:21.0359 1072 ms_mpu401 (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys
12:08:21.0359 1072 ms_mpu401 - ok
12:08:21.0609 1072 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
12:08:21.0656 1072 Mup - ok
12:08:22.0000 1072 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
12:08:22.0031 1072 NABTSFEC - ok
12:08:22.0421 1072 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
12:08:22.0468 1072 NDIS - ok
12:08:22.0765 1072 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
12:08:22.0765 1072 NdisIP - ok
12:08:23.0015 1072 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:08:23.0046 1072 NdisTapi - ok
12:08:23.0343 1072 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:08:23.0359 1072 Ndisuio - ok
12:08:23.0625 1072 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:08:23.0656 1072 NdisWan - ok
12:08:23.0906 1072 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
12:08:23.0921 1072 NDProxy - ok
12:08:24.0171 1072 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
12:08:24.0203 1072 NetBIOS - ok
12:08:24.0515 1072 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
12:08:24.0578 1072 NetBT - ok
12:08:24.0984 1072 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
12:08:25.0031 1072 Npfs - ok
12:08:25.0500 1072 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
12:08:25.0656 1072 Ntfs - ok
12:08:26.0000 1072 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
12:08:26.0000 1072 Null - ok
12:08:28.0140 1072 nv (9f4384aa43548ddd438f7b7825d11699) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
12:08:29.0875 1072 nv - ok
12:08:30.0171 1072 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:08:30.0187 1072 NwlnkFlt - ok
12:08:30.0468 1072 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:08:30.0484 1072 NwlnkFwd - ok
12:08:30.0750 1072 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
12:08:30.0781 1072 Parport - ok
12:08:31.0000 1072 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
12:08:31.0015 1072 PartMgr - ok
12:08:31.0281 1072 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
12:08:31.0296 1072 ParVdm - ok
12:08:31.0578 1072 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
12:08:31.0625 1072 PCI - ok
12:08:31.0906 1072 PCIDump - ok
12:08:32.0140 1072 PCIIde - ok
12:08:32.0484 1072 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
12:08:32.0531 1072 Pcmcia - ok
12:08:32.0750 1072 PDCOMP - ok
12:08:32.0968 1072 PDFRAME - ok
12:08:33.0187 1072 PDRELI - ok
12:08:33.0468 1072 PDRFRAME - ok
12:08:33.0656 1072 perc2 - ok
12:08:33.0890 1072 perc2hib - ok
12:08:34.0312 1072 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:08:34.0328 1072 PptpMiniport - ok
12:08:34.0656 1072 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
12:08:34.0671 1072 PSched - ok
12:08:34.0921 1072 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:08:34.0937 1072 Ptilink - ok
12:08:35.0218 1072 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
12:08:35.0234 1072 PxHelp20 - ok
12:08:35.0484 1072 ql1080 - ok
12:08:35.0671 1072 Ql10wnt - ok
12:08:35.0890 1072 ql12160 - ok
12:08:36.0093 1072 ql1240 - ok
12:08:36.0375 1072 ql1280 - ok
12:08:36.0640 1072 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:08:36.0640 1072 RasAcd - ok
12:08:36.0984 1072 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:08:37.0000 1072 Rasl2tp - ok
12:08:37.0281 1072 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:08:37.0296 1072 RasPppoe - ok
12:08:37.0546 1072 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
12:08:37.0562 1072 Raspti - ok
12:08:37.0906 1072 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:08:37.0953 1072 Rdbss - ok
12:08:38.0250 1072 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:08:38.0250 1072 RDPCDD - ok
12:08:38.0625 1072 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:08:38.0671 1072 rdpdr - ok
12:08:38.0984 1072 RDPWD (43af5212bd8fb5ba6eed9754358bd8f7) C:\WINDOWS\system32\drivers\RDPWD.sys
12:08:39.0015 1072 RDPWD - ok
12:08:39.0328 1072 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
12:08:39.0343 1072 redbook - ok
12:08:39.0734 1072 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
12:08:39.0734 1072 rtl8139 - ok
12:08:40.0093 1072 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:08:40.0125 1072 Secdrv - ok
12:08:40.0468 1072 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
12:08:40.0468 1072 serenum - ok
12:08:40.0718 1072 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
12:08:40.0765 1072 Serial - ok
12:08:40.0984 1072 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
12:08:40.0984 1072 Sfloppy - ok
12:08:41.0218 1072 Simbad - ok
12:08:41.0484 1072 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
12:08:41.0500 1072 SLIP - ok
12:08:41.0796 1072 SNPSTD3 - ok
12:08:42.0046 1072 Sparrow - ok
12:08:42.0328 1072 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
12:08:42.0328 1072 splitter - ok
12:08:42.0625 1072 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
12:08:42.0640 1072 sr - ok
12:08:43.0031 1072 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
12:08:43.0125 1072 Srv - ok
12:08:43.0484 1072 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:08:43.0515 1072 streamip - ok
12:08:43.0812 1072 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
12:08:43.0812 1072 swenum - ok
12:08:44.0078 1072 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
12:08:44.0093 1072 swmidi - ok
12:08:44.0406 1072 symc810 - ok
12:08:44.0640 1072 symc8xx - ok
12:08:44.0828 1072 sym_hi - ok
12:08:45.0046 1072 sym_u3 - ok
12:08:45.0296 1072 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
12:08:45.0312 1072 sysaudio - ok
12:08:45.0703 1072 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:08:45.0812 1072 Tcpip - ok
12:08:46.0140 1072 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
12:08:46.0140 1072 TDPIPE - ok
12:08:46.0406 1072 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
12:08:46.0421 1072 TDTCP - ok
12:08:46.0703 1072 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
12:08:46.0734 1072 TermDD - ok
12:08:47.0062 1072 TosIde - ok
12:08:47.0328 1072 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
12:08:47.0343 1072 Udfs - ok
12:08:47.0562 1072 ultra - ok
12:08:47.0937 1072 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
12:08:48.0046 1072 Update - ok
12:08:48.0421 1072 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
12:08:48.0437 1072 usbaudio - ok
12:08:48.0781 1072 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:08:48.0781 1072 usbccgp - ok
12:08:49.0078 1072 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:08:49.0093 1072 usbhub - ok
12:08:49.0390 1072 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:08:49.0406 1072 usbprint - ok
12:08:49.0734 1072 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:08:49.0734 1072 usbscan - ok
12:08:49.0968 1072 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:08:50.0000 1072 USBSTOR - ok
12:08:50.0281 1072 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:08:50.0296 1072 usbuhci - ok
12:08:50.0593 1072 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
12:08:50.0609 1072 VgaSave - ok
12:08:50.0828 1072 ViaIde - ok
12:08:51.0093 1072 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
12:08:51.0109 1072 VolSnap - ok
12:08:51.0437 1072 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:08:51.0437 1072 Wanarp - ok
12:08:51.0656 1072 WDICA - ok
12:08:51.0984 1072 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
12:08:52.0031 1072 wdmaud - ok
12:08:52.0593 1072 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:08:52.0625 1072 WSTCODEC - ok
12:08:52.0968 1072 XMLDIUSB (2882b6fd4297219e2319e899dfc48a39) C:\WINDOWS\system32\Drivers\XMLDIUSB.sys
12:08:52.0968 1072 XMLDIUSB - ok
12:08:53.0125 1072 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
12:08:53.0390 1072 \Device\Harddisk0\DR0 - ok
12:08:53.0484 1072 MBR (0x1B8) (739b36f7a373fc81121d831231b6d311) \Device\Harddisk1\DR2
12:08:53.0515 1072 \Device\Harddisk1\DR2 - ok
12:08:53.0562 1072 Boot (0x1200) (98358e9f63e03720ceecc9575a481225) \Device\Harddisk0\DR0\Partition0
12:08:53.0562 1072 \Device\Harddisk0\DR0\Partition0 - ok
12:08:53.0609 1072 Boot (0x1200) (abee1802b53f1171f4f8a0a5c98ba5f3) \Device\Harddisk1\DR2\Partition0
12:08:53.0625 1072 \Device\Harddisk1\DR2\Partition0 - ok
12:08:53.0640 1072 ============================================================
12:08:53.0640 1072 Scan finished
12:08:53.0640 1072 ============================================================
12:08:53.0734 1064 Detected object count: 0
12:08:53.0734 1064 Actual detected object count: 0

Re: please check my log

Posted: 22 Mar 2013 07:31
by jarda.otta
I wanted to end it because it was taking up 95 percent of my resources.