Prosím o kontrolu logu - reklamní čtvereček v prohlížeči

DrWostep · Příspěvekod **DrWostep** » 24 srp 2012 12:45

: skrýn2.jpg (15.65 KiB) Zobrazeno 527 x

Prosím o radu, na reklamy a náhodně vyskakovací stránky (nejlépe s pornem) už jsem si zvykl, ale nedávno mě na prohlížeči "přistála" nějaká potvora a doslova mi znemožňuje práci. Je to reklamní čtvereček a skáče mi tam pořád i na firefoxu, i na opeře, IE nepoužívám. Jak se toho zbavit?

: skrýn.jpg (12.93 KiB) Zobrazeno 527 x

Reklama

guest · Příspěvekod **guest** » 24 srp 2012 12:52

Požádej o kontrolu logu. Návod na vytvoření logu mám v podpisu.

A zakládej si dle pravidel vlastní téma-Ltb to již přesunul, ale já už tam odpovídal.

DrWostep · Příspěvekod **DrWostep** » 24 srp 2012 13:07

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:05:35, on 24.8.2012
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\lotus\notes\ntmulti.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
D:\XP\softvare vindovs\0009\systém qsa 011\web export s\XYX\monitoring\monitor.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files\Uniblue\DriverScanner\driverscanner.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\DOCUME~1\Jirka\LOCALS~1\Temp\RtkBtMnt.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\FastStone Capture\FSCapture.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.superhry.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.superhry.cz/
O1 - Hosts: ::1 localhost
O1 - Hosts: 67.215.245.19 www.google-analytics.com.
O1 - Hosts: 67.215.245.19 ad-emea.doubleclick.net.
O1 - Hosts: 67.215.245.19 www.statcounter.com.
O1 - Hosts: 108.163.215.51 www.google-analytics.com.
O1 - Hosts: 108.163.215.51 ad-emea.doubleclick.net.
O1 - Hosts: 108.163.215.51 www.statcounter.com.
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ZoneAlarm Toolbar Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Kwyshell MidpX BHO - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll
O3 - Toolbar: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - (no file)
O3 - Toolbar: Kwyshell MidpX - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [irlmonitoring] D:\XP\softvare vindovs\0009\systém qsa 011\web export s\XYX\monitoring\monitor.exe
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [DriverScanner] "C:\Program Files\Uniblue\DriverScanner\launcher.exe" delay 20000
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: Add to AMV/AVI Video Converter... - C:\Program Files\Media Player Utilities 4.28\AMVConverter\grab.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Link to &MidpX - C:\Program Files\Kwyshell\MidpX\JadInvoker\Extent\jad_wrap.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\Program Files\lotus\notes\ntmulti.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 9238 bytes

Příspěvekod **Žbeky** » 24 srp 2012 19:08

Odinstalu McAfee a Kwyshell MidpX

Fixni:

Kód: Vybrat vše

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.superhry.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.superhry.cz/
O1 - Hosts: ::1 localhost
O1 - Hosts: 67.215.245.19 www.google-analytics.com.
O1 - Hosts: 67.215.245.19 ad-emea.doubleclick.net.
O1 - Hosts: 67.215.245.19 www.statcounter.com.
O1 - Hosts: 108.163.215.51 www.google-analytics.com.
O1 - Hosts: 108.163.215.51 ad-emea.doubleclick.net.
O1 - Hosts: 108.163.215.51 www.statcounter.com.
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ZoneAlarm Toolbar Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - (no file)
O2 - BHO: Kwyshell MidpX BHO - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll
O3 - Toolbar: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - (no file)
O3 - Toolbar: Kwyshell MidpX - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [irlmonitoring] D:\XP\softvare vindovs\0009\systém qsa 011\web export s\XYX\monitoring\monitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DriverScanner] "C:\Program Files\Uniblue\DriverScanner\launcher.exe" delay 20000 
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.

DrWostep · Příspěvekod **DrWostep** » 25 srp 2012 14:19

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4052

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

25.8.2012 14:16:30
log malwarebytessss

Typ skenu: Rychlý sken
Skenované objekty: 114526
Uplynulý čas: 6 minuta(y), 33 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Documents and Settings\All Users\Plocha\MP3 Downloader.lnk (Rogue.Link) -> No action taken.

Příspěvekod **Žbeky** » 25 srp 2012 17:06

Znovu spusť MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je označen pro odstranění, stačí restartovat počítač.

DrWostep · Příspěvekod **DrWostep** » 26 srp 2012 08:48

Log z MbAM se smázl při restartu (O chyb) a log z ComboFixu nenalezen - omlouvám se, jsem lama... Zde log z TDSSKilleru:
07:42:32.0968 0500 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
07:42:33.0359 0500 ============================================================
07:42:33.0359 0500 Current date / time: 2012/08/26 07:42:33.0359
07:42:33.0359 0500 SystemInfo:
07:42:33.0359 0500
07:42:33.0359 0500 OS Version: 5.1.2600 ServicePack: 2.0
07:42:33.0359 0500 Product type: Workstation
07:42:33.0359 0500 ComputerName: DRWOSTEP
07:42:33.0359 0500 UserName: Jirka
07:42:33.0359 0500 Windows directory: C:\WINDOWS
07:42:33.0359 0500 System windows directory: C:\WINDOWS
07:42:33.0359 0500 Processor architecture: Intel x86
07:42:33.0359 0500 Number of processors: 1
07:42:33.0359 0500 Page size: 0x1000
07:42:33.0359 0500 Boot type: Normal boot
07:42:33.0359 0500 ============================================================
07:42:43.0265 0500 BG loaded
07:42:46.0046 0500 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
07:42:46.0359 0500 ============================================================
07:42:46.0359 0500 \Device\Harddisk0\DR0:
07:42:46.0406 0500 MBR partitions:
07:42:46.0406 0500 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1384C7A, BlocksNum 0x4109655
07:42:46.0546 0500 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x548E30E, BlocksNum 0x407C2F2
07:42:46.0546 0500 ============================================================
07:42:48.0031 0500 C: <-> \Device\Harddisk0\DR0\Partition1
07:42:51.0812 0500 D: <-> \Device\Harddisk0\DR0\Partition2
07:42:52.0640 0500 ============================================================
07:42:52.0640 0500 Initialize success
07:42:52.0640 0500 ============================================================
07:43:21.0734 1468 ============================================================
07:43:21.0734 1468 Scan started
07:43:21.0734 1468 Mode: Manual;
07:43:21.0734 1468 ============================================================
07:43:23.0250 1468 ================ Scan system memory ========================
07:43:23.0265 1468 System memory - ok
07:43:23.0265 1468 ================ Scan services =============================
07:43:23.0468 1468 [ EBD7BD25C1D33B10D2251194C300EE85 ] 602XML Updater C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
07:43:23.0468 1468 602XML Updater - ok
07:43:23.0812 1468 Abiosdsk - ok
07:43:23.0812 1468 abp480n5 - ok
07:43:23.0859 1468 [ FA2FBCDA96D2385F773B059FE5A125A6 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
07:43:23.0859 1468 ACPI - ok
07:43:23.0890 1468 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
07:43:23.0890 1468 ACPIEC - ok
07:43:23.0906 1468 adpu160m - ok
07:43:24.0000 1468 [ 1EE7B434BA961EF845DE136224C30FEC ] aec C:\WINDOWS\system32\drivers\aec.sys
07:43:24.0000 1468 aec - ok
07:43:24.0078 1468 [ 55E6E1C51B6D30E54335750955453702 ] AFD C:\WINDOWS\System32\drivers\afd.sys
07:43:24.0078 1468 AFD - ok
07:43:24.0078 1468 Aha154x - ok
07:43:24.0093 1468 aic78u2 - ok
07:43:24.0140 1468 aic78xx - ok
07:43:24.0171 1468 [ 026DDAA7E6F8D49DF82C7A98BAE5D0D1 ] Alerter C:\WINDOWS\system32\alrsvc.dll
07:43:24.0171 1468 Alerter - ok
07:43:24.0218 1468 [ B3F690BF43F93A012A52F28F234FAA1B ] ALG C:\WINDOWS\System32\alg.exe
07:43:24.0218 1468 ALG - ok
07:43:24.0218 1468 AliIde - ok
07:43:24.0296 1468 [ 9B9A81B298410C4388D8E41DE5F5386B ] ameisvc C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
07:43:24.0296 1468 ameisvc - ok
07:43:24.0296 1468 amsint - ok
07:43:24.0390 1468 [ 9015BC03F62940527EC92D45EE89E46F ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
07:43:24.0390 1468 AntiVirSchedulerService - ok
07:43:24.0421 1468 [ B8720A787C1223492E6F319465E996CE ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
07:43:24.0421 1468 AntiVirService - ok
07:43:24.0468 1468 [ 421184F91EAE5C6E78E653C6B32AAE84 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
07:43:24.0500 1468 AppMgmt - ok
07:43:24.0500 1468 asc - ok
07:43:24.0515 1468 asc3350p - ok
07:43:24.0515 1468 asc3550 - ok
07:43:24.0625 1468 [ D33C507942299753868204CC7642FA27 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
07:43:24.0656 1468 aspnet_state - ok
07:43:24.0656 1468 [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
07:43:24.0671 1468 AsyncMac - ok
07:43:24.0703 1468 [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
07:43:24.0703 1468 atapi - ok
07:43:24.0718 1468 Atdisk - ok
07:43:24.0734 1468 [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
07:43:24.0750 1468 Atmarpc - ok
07:43:24.0781 1468 [ 40D78F514C8588EF12EC718D2AF0FC4E ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
07:43:24.0781 1468 AudioSrv - ok
07:43:24.0796 1468 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
07:43:24.0812 1468 audstub - ok
07:43:24.0875 1468 [ 6A646C46B9415E13095AA9B352040A7A ] avgio C:\Program Files\Avira\AntiVir Desktop\avgio.sys
07:43:24.0875 1468 avgio - ok
07:43:24.0890 1468 [ 14FE36D8F2C6A2435275338D061A0B66 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
07:43:24.0890 1468 avgntflt - ok
07:43:24.0953 1468 [ 452E382340BB0C5E694ED9D3625356D0 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
07:43:24.0953 1468 avipbb - ok
07:43:25.0000 1468 [ 30D20FC98BCFD52E1DA778CF19B223D4 ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
07:43:25.0000 1468 BCM43XX - ok
07:43:25.0031 1468 [ C768C8A463D32C219CE291645A0621A4 ] bcm4sbxp C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
07:43:25.0031 1468 bcm4sbxp - ok
07:43:25.0078 1468 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
07:43:25.0078 1468 Beep - ok
07:43:25.0125 1468 [ E774A26610EC92674273486612C11CFC ] BITS C:\WINDOWS\system32\qmgr.dll
07:43:25.0250 1468 BITS - ok
07:43:25.0296 1468 [ F219E27E88107A50544153898DD8178E ] Browser C:\WINDOWS\System32\browser.dll
07:43:25.0296 1468 Browser - ok
07:43:25.0312 1468 btaudio - ok
07:43:25.0328 1468 BTDriver - ok
07:43:25.0328 1468 BTKRNL - ok
07:43:25.0375 1468 BTWDNDIS - ok
07:43:25.0406 1468 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
07:43:25.0406 1468 cbidf2k - ok
07:43:25.0453 1468 [ 6163ED60B684BAB19D3352AB22FC48B2 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
07:43:25.0453 1468 CCDECODE - ok
07:43:25.0468 1468 cd20xrnt - ok
07:43:25.0562 1468 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
07:43:25.0562 1468 Cdaudio - ok
07:43:25.0578 1468 [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
07:43:25.0578 1468 Cdfs - ok
07:43:25.0656 1468 [ AF9C19B3100FE010496B1A27181FBF72 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
07:43:25.0656 1468 Cdrom - ok
07:43:25.0703 1468 Changer - ok
07:43:25.0781 1468 [ 9E21229E04E1D301BB40222FE4641CB2 ] CiSvc C:\WINDOWS\system32\cisvc.exe
07:43:25.0781 1468 CiSvc - ok
07:43:25.0828 1468 [ D3DC45553C8025338E08A60E95B1B91D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
07:43:25.0843 1468 ClipSrv - ok
07:43:25.0921 1468 [ 3C4D595E7F9B747325AEF28B4ADCAAE5 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:43:25.0968 1468 clr_optimization_v2.0.50727_32 - ok
07:43:26.0031 1468 [ 4266BE808F85826AEDF3C64C1E240203 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
07:43:26.0031 1468 CmBatt - ok
07:43:26.0046 1468 CmdIde - ok
07:43:26.0078 1468 [ DF1B1A24BF52D0EBC01ED4ECE8979F50 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
07:43:26.0093 1468 Compbatt - ok
07:43:26.0093 1468 COMSysApp - ok
07:43:26.0109 1468 Cpqarray - ok
07:43:26.0171 1468 [ 70D2A1756F4B2067658A186C963FCABD ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
07:43:26.0171 1468 CryptSvc - ok
07:43:26.0171 1468 dac2w2k - ok
07:43:26.0187 1468 dac960nt - ok
07:43:26.0265 1468 [ DBDE980506B54AE928D151D12419B425 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
07:43:26.0265 1468 DcomLaunch - ok
07:43:26.0312 1468 [ 06A30F453CA4CB1431037E4813F697CB ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
07:43:26.0312 1468 Dhcp - ok
07:43:26.0328 1468 [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
07:43:26.0328 1468 Disk - ok
07:43:26.0359 1468 dmadmin - ok
07:43:26.0390 1468 [ E1968EDEC81C430108FEB23AB07BDB14 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
07:43:26.0406 1468 dmboot - ok
07:43:26.0453 1468 [ 1B1520A82E396E46B9AE9FA6B03FF6C6 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
07:43:26.0500 1468 dmio - ok
07:43:26.0531 1468 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
07:43:26.0531 1468 dmload - ok
07:43:26.0546 1468 [ 7B3CA72885923EB947221F17F3E3AC59 ] dmserver C:\WINDOWS\System32\dmserver.dll
07:43:26.0546 1468 dmserver - ok
07:43:26.0578 1468 [ A6F881284AC1150E37D9AE47FF601267 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
07:43:26.0578 1468 DMusic - ok
07:43:26.0609 1468 [ 0EEF8922D46D4846B472B1F6FD0541BC ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
07:43:26.0609 1468 Dnscache - ok
07:43:26.0625 1468 dpti2o - ok
07:43:26.0640 1468 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
07:43:26.0640 1468 drmkaud - ok
07:43:26.0703 1468 [ 5AEE9EEDCFBF2B0F9DEC53C27EE722A3 ] EMSCR C:\WINDOWS\system32\DRIVERS\EMS7SK.sys
07:43:26.0703 1468 EMSCR - ok
07:43:26.0734 1468 [ D6F7428B201E33BC80066B47144CB568 ] ERSvc C:\WINDOWS\System32\ersvc.dll
07:43:26.0734 1468 ERSvc - ok
07:43:26.0750 1468 [ 8E56AB21D10C368029CEA57DE47D79C2 ] ESDCR C:\WINDOWS\system32\DRIVERS\ESD7SK.sys
07:43:26.0750 1468 ESDCR - ok
07:43:26.0781 1468 [ 0A58FADE5E12D3A611427292073362CB ] ESMCR C:\WINDOWS\system32\DRIVERS\ESM7SK.sys
07:43:26.0781 1468 ESMCR - ok
07:43:26.0796 1468 [ 076B1A923259F7A10998FA234A01D629 ] Ethpdrv C:\WINDOWS\system32\DRIVERS\ethpdrv.sys
07:43:26.0796 1468 Ethpdrv - ok
07:43:26.0828 1468 [ 6E401E61F952FBBF708AFBECEFAFAE81 ] Eventlog C:\WINDOWS\system32\services.exe
07:43:26.0828 1468 Eventlog - ok
07:43:26.0859 1468 [ 398314DF0B21338C4996B469101750D1 ] EventSystem C:\WINDOWS\system32\es.dll
07:43:26.0875 1468 EventSystem - ok
07:43:26.0906 1468 [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
07:43:26.0906 1468 Fastfat - ok
07:43:26.0937 1468 [ E26EDC7AFA8DA3C528055EABC82C8C79 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
07:43:26.0937 1468 FastUserSwitchingCompatibility - ok
07:43:26.0953 1468 [ CED2E8396A8838E59D8FD529C680E02C ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
07:43:26.0953 1468 Fdc - ok
07:43:26.0984 1468 [ 266DAB58619B17BDF37FABBD48D875CA ] Fips C:\WINDOWS\system32\drivers\Fips.sys
07:43:26.0984 1468 Fips - ok
07:43:27.0015 1468 [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
07:43:27.0015 1468 Flpydisk - ok
07:43:27.0062 1468 [ 3D234FB6D6EE875EB009864A299BEA29 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
07:43:27.0062 1468 FltMgr - ok
07:43:27.0093 1468 [ 790A4CA68F44BE35967B3DF61F3E4675 ] FsUsbExDisk C:\WINDOWS\system32\FsUsbExDisk.SYS
07:43:27.0093 1468 FsUsbExDisk - ok
07:43:27.0125 1468 [ D3F9205CC4CB07553F2F9472C767EA87 ] FsUsbExService C:\WINDOWS\system32\FsUsbExService.Exe
07:43:27.0125 1468 FsUsbExService - ok
07:43:27.0156 1468 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
07:43:27.0156 1468 Fs_Rec - ok
07:43:27.0171 1468 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
07:43:27.0171 1468 Ftdisk - ok
07:43:27.0187 1468 [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
07:43:27.0203 1468 Gpc - ok
07:43:27.0265 1468 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
07:43:27.0265 1468 gupdate - ok
07:43:27.0265 1468 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
07:43:27.0265 1468 gupdatem - ok
07:43:27.0359 1468 [ 3FCC124B6E08EE0E9351F717DD136939 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
07:43:27.0359 1468 HDAudBus - ok
07:43:27.0437 1468 [ F59152272782FED8A8197FA788287F68 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
07:43:27.0437 1468 helpsvc - ok
07:43:27.0468 1468 [ D2DCF769E5A70027058AD5BE1F9B55BF ] HidServ C:\WINDOWS\System32\hidserv.dll
07:43:27.0468 1468 HidServ - ok
07:43:27.0500 1468 [ 1DE6783B918F540149AA69943BDFEBA8 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
07:43:27.0515 1468 hidusb - ok
07:43:27.0515 1468 hpn - ok
07:43:27.0562 1468 [ CB77BB47E67E84DEB17BA29632501730 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
07:43:27.0625 1468 HTTP - ok
07:43:27.0656 1468 [ DA826826C5C9116F47E0CD0CA8CC7C11 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
07:43:27.0656 1468 HTTPFilter - ok
07:43:27.0687 1468 hwdatacard - ok
07:43:27.0687 1468 i2omgmt - ok
07:43:27.0703 1468 i2omp - ok
07:43:27.0718 1468 [ 0F42DE9909B5DBF2C48DD1A79D491AF5 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
07:43:27.0718 1468 i8042prt - ok
07:43:28.0046 1468 [ 0F0194C4B635C10C3F785E4FEE52D641 ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
07:43:28.0046 1468 ialm - ok
07:43:28.0187 1468 [ 2F95BEF56AEEEB45DE55EC44668E2695 ] IJPLMSVC C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
07:43:28.0187 1468 IJPLMSVC - ok
07:43:28.0218 1468 [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
07:43:28.0218 1468 Imapi - ok
07:43:28.0296 1468 [ CF9D286B34CB4912F3B28B4972D5CB33 ] ImapiService C:\WINDOWS\system32\imapi.exe
07:43:28.0296 1468 ImapiService - ok
07:43:28.0312 1468 ini910u - ok
07:43:28.0656 1468 [ 909D03B3B7FB7C830B74F74F4D0EA7CE ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
07:43:28.0687 1468 IntcAzAudAddService - ok
07:43:28.0703 1468 IntelIde - ok
07:43:28.0750 1468 [ 10A3AC0F0DF720AD3C3FD13861D50EB9 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
07:43:28.0765 1468 intelppm - ok
07:43:28.0796 1468 [ 4448006B6BC60E6C027932CFC38D6855 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
07:43:28.0796 1468 Ip6Fw - ok
07:43:28.0843 1468 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
07:43:28.0843 1468 IpFilterDriver - ok
07:43:28.0859 1468 [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
07:43:28.0859 1468 IpInIp - ok
07:43:28.0906 1468 [ E2168CBC7098FFE963C6F23F472A3593 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
07:43:28.0906 1468 IpNat - ok
07:43:28.0953 1468 [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
07:43:28.0953 1468 IPSec - ok
07:43:28.0984 1468 [ D3F6DF74534CFDCCF49803E739ACAEA0 ] IpwP C:\WINDOWS\system32\DRIVERS\ipw3gnet.sys
07:43:28.0984 1468 IpwP - ok
07:43:29.0000 1468 ipw_bus - ok
07:43:29.0000 1468 ipw_mdfl - ok
07:43:29.0015 1468 ipw_mdm - ok
07:43:29.0062 1468 [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
07:43:29.0062 1468 IRENUM - ok
07:43:30.0062 1468 [ 1091528512E4DD7ED5FDDCC4DF1C53D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
07:43:30.0062 1468 isapnp - ok
07:43:30.0093 1468 ISWKL - ok
07:43:30.0140 1468 [ 879A0211BD911FC4B411B1D14559A791 ] IswSvc C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
07:43:30.0140 1468 IswSvc - ok
07:43:30.0203 1468 [ E4AE0CBC0B55A5FAA6996E38CE6C981B ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
07:43:30.0203 1468 JavaQuickStarterService - ok
07:43:30.0375 1468 [ 6F877BF8DC01A550CD666F3BEDB2213C ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
07:43:30.0375 1468 Kbdclass - ok
07:43:30.0390 1468 [ 065B5A83AA78C0C7047BF22E0AB5C821 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
07:43:30.0390 1468 kbdhid - ok
07:43:30.0437 1468 [ BA5DEDA4D934E6288C2F66CAF58D2562 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
07:43:30.0453 1468 kmixer - ok
07:43:30.0484 1468 [ EB7FFE87FD367EA8FCA0506F74A87FBB ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
07:43:30.0500 1468 KSecDD - ok
07:43:30.0531 1468 [ 9757F6E16FD1EAB54D6EB9D5EB3CBCB5 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
07:43:30.0546 1468 lanmanserver - ok
07:43:30.0578 1468 [ 57F5534F07DF14C6A74EC6A40B6D04D5 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
07:43:30.0578 1468 lanmanworkstation - ok
07:43:30.0593 1468 lbrtfdc - ok
07:43:30.0656 1468 [ F9EE6D2AAB0690B34AE35BA9921A1414 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
07:43:30.0656 1468 LmHosts - ok
07:43:30.0703 1468 [ 0B058116D3D4ECCA7DED38F16E0581B2 ] massfilter C:\WINDOWS\system32\drivers\massfilter.sys
07:43:30.0703 1468 massfilter - ok
07:43:30.0718 1468 [ 8B2FCBD881879B55BE40B41F12FFC431 ] Messenger C:\WINDOWS\System32\msgsvc.dll
07:43:30.0718 1468 Messenger - ok
07:43:30.0750 1468 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
07:43:30.0750 1468 mnmdd - ok
07:43:30.0796 1468 [ 7D137132D6A9B41EF800E59A771ED48C ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
07:43:30.0796 1468 mnmsrvc - ok
07:43:30.0859 1468 [ 60210DEB037846AFE521EBF349964F6B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
07:43:30.0859 1468 Modem - ok
07:43:30.0890 1468 [ B160EC94114715675509115986400FD9 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
07:43:30.0890 1468 Mouclass - ok
07:43:30.0890 1468 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
07:43:30.0890 1468 mouhid - ok
07:43:30.0921 1468 [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
07:43:30.0921 1468 MountMgr - ok
07:43:30.0984 1468 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
07:43:31.0000 1468 MozillaMaintenance - ok
07:43:31.0000 1468 mraid35x - ok
07:43:31.0031 1468 [ 29414447EB5BDE2F8397DC965DBB3156 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
07:43:31.0046 1468 MRxDAV - ok
07:43:31.0078 1468 [ 6F2D483B97B395544E59749C47963C6A ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
07:43:31.0078 1468 MRxSmb - ok
07:43:31.0125 1468 [ 944A24032AED84C59455B981F6CA1C1A ] MSDTC C:\WINDOWS\system32\msdtc.exe
07:43:31.0125 1468 MSDTC - ok
07:43:31.0156 1468 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
07:43:31.0156 1468 Msfs - ok
07:43:31.0156 1468 MSIServer - ok
07:43:31.0250 1468 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
07:43:31.0250 1468 MSKSSRV - ok
07:43:31.0281 1468 [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
07:43:31.0281 1468 MSPCLOCK - ok
07:43:31.0281 1468 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
07:43:31.0281 1468 MSPQM - ok
07:43:31.0328 1468 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
07:43:31.0328 1468 mssmbios - ok
07:43:31.0359 1468 [ BF13612142995096AB084F2DB7F40F77 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
07:43:31.0359 1468 MSTEE - ok
07:43:31.0468 1468 [ 722A09437B0658420763BEA919DE671B ] Multi-user Cleanup Service C:\Program Files\lotus\notes\ntmulti.exe
07:43:31.0578 1468 Multi-user Cleanup Service - ok
07:43:31.0625 1468 [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
07:43:31.0625 1468 Mup - ok
07:43:31.0656 1468 [ 5C8DC6429C43DC6177C1FA5B76290D1A ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
07:43:31.0796 1468 NABTSFEC - ok
07:43:31.0906 1468 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
07:43:31.0953 1468 NDIS - ok
07:43:32.0062 1468 [ 520CE427A8B298F54112857BCF6BDE15 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
07:43:32.0125 1468 NdisIP - ok
07:43:32.0218 1468 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
07:43:32.0218 1468 NdisTapi - ok
07:43:32.0343 1468 [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
07:43:32.0343 1468 Ndisuio - ok
07:43:32.0359 1468 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
07:43:32.0359 1468 NdisWan - ok
07:43:32.0375 1468 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
07:43:32.0375 1468 NDProxy - ok
07:43:32.0406 1468 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
07:43:32.0406 1468 NetBIOS - ok
07:43:32.0421 1468 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
07:43:32.0437 1468 NetBT - ok
07:43:32.0484 1468 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDE C:\WINDOWS\system32\netdde.exe
07:43:32.0484 1468 NetDDE - ok
07:43:32.0484 1468 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
07:43:32.0500 1468 NetDDEdsdm - ok
07:43:32.0531 1468 [ 82A362FE1D4980B71B588D9C10748511 ] Netlogon C:\WINDOWS\system32\lsass.exe
07:43:32.0531 1468 Netlogon - ok
07:43:32.0578 1468 [ 86AD5B0E02F2C968FBB096AB4C555C9C ] Netman C:\WINDOWS\System32\netman.dll
07:43:32.0578 1468 Netman - ok
07:43:32.0640 1468 [ A6E79B60AC73241E5721AB6A573D2B24 ] Nla C:\WINDOWS\System32\mswsock.dll
07:43:32.0656 1468 Nla - ok
07:43:32.0703 1468 [ 60CF8C7192B3614F240838DDBAA4A245 ] nm C:\WINDOWS\system32\DRIVERS\NMnt.sys
07:43:32.0703 1468 nm - ok
07:43:32.0734 1468 [ 696B37EA78F9D9767A2F18BA0304A51A ] nmwcd C:\WINDOWS\system32\drivers\nmwcd.sys
07:43:32.0734 1468 nmwcd - ok
07:43:32.0796 1468 [ BBB6010FC01D9239D88FCDF133E03FF0 ] nmwcdc C:\WINDOWS\system32\drivers\nmwcdc.sys
07:43:32.0796 1468 nmwcdc - ok
07:43:32.0828 1468 [ 4C3726467D67483F054C88F058E9C153 ] nmwcdcj C:\WINDOWS\system32\drivers\nmwcdcj.sys
07:43:32.0828 1468 nmwcdcj - ok
07:43:32.0843 1468 [ 4C3726467D67483F054C88F058E9C153 ] nmwcdcm C:\WINDOWS\system32\drivers\nmwcdcm.sys
07:43:32.0843 1468 nmwcdcm - ok
07:43:32.0875 1468 [ 61F431BB28830F7240453B064E5F5824 ] NPF C:\WINDOWS\system32\drivers\npf.sys
07:43:32.0875 1468 NPF - ok
07:43:32.0890 1468 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
07:43:32.0890 1468 Npfs - ok
07:43:32.0953 1468 [ 19A811EF5F1ED5C926A028CE107FF1AF ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
07:43:32.0953 1468 Ntfs - ok
07:43:32.0984 1468 [ 82A362FE1D4980B71B588D9C10748511 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
07:43:32.0984 1468 NtLmSsp - ok
07:43:33.0078 1468 [ D8D2B13BA93AE830B1A637DF571D1195 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
07:43:33.0093 1468 NtmsSvc - ok
07:43:33.0125 1468 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
07:43:33.0125 1468 Null - ok
07:43:33.0156 1468 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
07:43:33.0171 1468 NwlnkFlt - ok
07:43:33.0281 1468 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
07:43:33.0281 1468 NwlnkFwd - ok
07:43:33.0343 1468 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:43:33.0343 1468 ose - ok
07:43:33.0359 1468 [ 76A18CAA2FEFB28A4CED38D76837E86E ] Parport C:\WINDOWS\system32\drivers\Parport.sys
07:43:33.0375 1468 Parport - ok
07:43:33.0390 1468 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
07:43:33.0390 1468 PartMgr - ok
07:43:33.0421 1468 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
07:43:33.0421 1468 ParVdm - ok
07:43:33.0437 1468 [ 175CC28DCF819F78CAA3FBD44AD9E52A ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
07:43:33.0437 1468 pccsmcfd - ok
07:43:33.0484 1468 [ B7979F37BB7B9DF2230046134955E6E7 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
07:43:33.0484 1468 PCI - ok
07:43:33.0484 1468 PCIDump - ok
07:43:33.0515 1468 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
07:43:33.0515 1468 PCIIde - ok
07:43:33.0531 1468 [ 90505755634407D4EF4C6DEA60FC1DF9 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
07:43:33.0546 1468 Pcmcia - ok
07:43:33.0609 1468 [ CD2425FD848E5FA09C9A213DA56817A9 ] Pcouffin C:\WINDOWS\system32\Drivers\Pcouffin.sys
07:43:33.0609 1468 Pcouffin - ok
07:43:33.0625 1468 PDCOMP - ok
07:43:33.0625 1468 PDFRAME - ok
07:43:33.0640 1468 PDRELI - ok
07:43:33.0640 1468 PDRFRAME - ok
07:43:33.0656 1468 perc2 - ok
07:43:33.0656 1468 perc2hib - ok
07:43:33.0703 1468 [ 6E401E61F952FBBF708AFBECEFAFAE81 ] PlugPlay C:\WINDOWS\system32\services.exe
07:43:33.0703 1468 PlugPlay - ok
07:43:33.0765 1468 [ 75CF9DE0A67AF916ED591743DFB69694 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
07:43:33.0765 1468 Pml Driver HPZ12 - ok
07:43:33.0781 1468 [ 82A362FE1D4980B71B588D9C10748511 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
07:43:33.0781 1468 PolicyAgent - ok
07:43:33.0796 1468 [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
07:43:33.0796 1468 PptpMiniport - ok
07:43:33.0828 1468 [ BC91060F244722A5D1C0E8016D9B0173 ] prodrv06 C:\WINDOWS\System32\drivers\prodrv06.sys
07:43:33.0828 1468 prodrv06 - ok
07:43:33.0843 1468 [ 880DC7832FD1DD7411E608CAD45CF4A1 ] prohlp02 C:\WINDOWS\system32\drivers\prohlp02.sys
07:43:33.0859 1468 prohlp02 - ok
07:43:33.0875 1468 [ F3471E7971EE62420451D958DA635064 ] prosync1 C:\WINDOWS\system32\drivers\prosync1.sys
07:43:33.0875 1468 prosync1 - ok
07:43:33.0890 1468 [ 82A362FE1D4980B71B588D9C10748511 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
07:43:33.0890 1468 ProtectedStorage - ok
07:43:33.0890 1468 [ 48671F327553DCF1D27F6197F622A668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
07:43:33.0890 1468 PSched - ok
07:43:33.0937 1468 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
07:43:33.0937 1468 Ptilink - ok
07:43:33.0937 1468 ql1080 - ok
07:43:33.0953 1468 Ql10wnt - ok
07:43:33.0953 1468 ql12160 - ok
07:43:33.0968 1468 ql1240 - ok
07:43:33.0968 1468 ql1280 - ok
07:43:34.0000 1468 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
07:43:34.0000 1468 RasAcd - ok
07:43:34.0031 1468 [ E68B6F9A726A444059705AB43B5656D1 ] RasAuto C:\WINDOWS\System32\rasauto.dll
07:43:34.0031 1468 RasAuto - ok
07:43:34.0078 1468 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
07:43:34.0078 1468 Rasl2tp - ok
07:43:34.0125 1468 [ 43A5C7969718EE00940A6D096960DBC8 ] RasMan C:\WINDOWS\System32\rasmans.dll
07:43:34.0125 1468 RasMan - ok
07:43:34.0187 1468 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
07:43:34.0187 1468 RasPppoe - ok
07:43:34.0187 1468 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
07:43:34.0203 1468 Raspti - ok
07:43:34.0250 1468 [ 03B965B1CA47F6EF60EB5E51CB50E0AF ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
07:43:34.0250 1468 Rdbss - ok
07:43:34.0250 1468 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
07:43:34.0250 1468 RDPCDD - ok
07:43:34.0312 1468 [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
07:43:34.0312 1468 rdpdr - ok
07:43:34.0343 1468 [ B54CD38A9EBFBF2B3561426E3FE26F62 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
07:43:34.0343 1468 RDPWD - ok
07:43:34.0359 1468 [ 125ACF258DA9633F748131A0E0185AF3 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
07:43:34.0421 1468 RDSessMgr - ok
07:43:34.0453 1468 [ ABA13D33E1F888C9A68599A48A8840D6 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
07:43:34.0453 1468 redbook - ok
07:43:34.0500 1468 [ EB5E1A601E5A1908A87E4D5A41803D98 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
07:43:34.0500 1468 RemoteAccess - ok
07:43:34.0625 1468 [ 5B21208FCF8970BB61FE98E19D828714 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
07:43:34.0625 1468 RemoteRegistry - ok
07:43:34.0656 1468 [ 03ECE2B79181B771EE2AD26139E3DAC2 ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
07:43:34.0656 1468 rpcapd - ok
07:43:34.0734 1468 [ C8A3B668985D61249F2DC71716C58DE8 ] RpcLocator C:\WINDOWS\system32\locator.exe
07:43:34.0734 1468 RpcLocator - ok
07:43:34.0781 1468 [ DBDE980506B54AE928D151D12419B425 ] RpcSs C:\WINDOWS\System32\rpcss.dll
07:43:34.0796 1468 RpcSs - ok
07:43:34.0859 1468 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
07:43:34.0859 1468 RSVP - ok
07:43:34.0906 1468 [ 82A362FE1D4980B71B588D9C10748511 ] SamSs C:\WINDOWS\system32\lsass.exe
07:43:34.0906 1468 SamSs - ok
07:43:34.0937 1468 [ C177354E995CC1AA1F767BCD9980434A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
07:43:34.0937 1468 SCardSvr - ok
07:43:35.0000 1468 [ 29AC93307C6182DBE336BCA314947F28 ] Schedule C:\WINDOWS\system32\schedsvc.dll
07:43:35.0015 1468 Schedule - ok
07:43:35.0062 1468 [ 02FC71B020EC8700EE8A46C58BC6F276 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
07:43:35.0062 1468 sdbus - ok
07:43:35.0109 1468 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
07:43:35.0109 1468 Secdrv - ok
07:43:35.0140 1468 [ C76CB8A133374FAC6805F83FF7B7DA03 ] seclogon C:\WINDOWS\System32\seclogon.dll
07:43:35.0140 1468 seclogon - ok
07:43:35.0156 1468 [ 220AD85BA9C5B3011296354011B901CC ] SENS C:\WINDOWS\system32\sens.dll
07:43:35.0156 1468 SENS - ok
07:43:35.0171 1468 [ C1DDBC85251551A840212999DA3D95F3 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
07:43:35.0171 1468 Serial - ok
07:43:35.0265 1468 [ 9D38320BB32230349379DF5DDBBF7FCE ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
07:43:35.0281 1468 ServiceLayer - ok
07:43:35.0468 1468 [ 4C0D673281178CB496011A2E28571FC8 ] sfdrv01 C:\WINDOWS\system32\drivers\sfdrv01.sys
07:43:35.0484 1468 sfdrv01 - ok
07:43:35.0500 1468 [ 462AEE0EA0481EA8BD45CAC876A4CCC4 ] sfhlp01 C:\WINDOWS\system32\drivers\sfhlp01.sys
07:43:35.0500 1468 sfhlp01 - ok
07:43:35.0500 1468 [ 15BE2B5E4DC5B8623CF167720682ABC9 ] sfhlp02 C:\WINDOWS\system32\drivers\sfhlp02.sys
07:43:35.0515 1468 sfhlp02 - ok
07:43:35.0531 1468 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
07:43:35.0531 1468 Sfloppy - ok
07:43:35.0546 1468 [ EFEBBC1D13FDB77A6AF4EDDFC7232EDF ] sfsync02 C:\WINDOWS\system32\drivers\sfsync02.sys
07:43:35.0546 1468 sfsync02 - ok
07:43:35.0578 1468 [ 6A93501BCDEBF159109429B022C0FF83 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
07:43:35.0578 1468 SharedAccess - ok
07:43:35.0625 1468 [ E26EDC7AFA8DA3C528055EABC82C8C79 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
07:43:35.0640 1468 ShellHWDetection - ok
07:43:35.0640 1468 Simbad - ok
07:43:35.0687 1468 [ 5CAEED86821FA2C6139E32E9E05CCDC9 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
07:43:35.0687 1468 SLIP - ok
07:43:35.0687 1468 Sparrow - ok
07:43:35.0734 1468 [ 0CE218578FFF5F4F7E4201539C45C78F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
07:43:35.0734 1468 splitter - ok
07:43:35.0765 1468 [ DA81EC57ACD4CDC3D4C51CF3D409AF9F ] Spooler C:\WINDOWS\system32\spoolsv.exe
07:43:35.0765 1468 Spooler - ok
07:43:35.0812 1468 [ D390675B8CE45E5FB359338E5E649329 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
07:43:35.0812 1468 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: D390675B8CE45E5FB359338E5E649329
07:43:35.0828 1468 sptd ( LockedFile.Multi.Generic ) - warning
07:43:35.0828 1468 sptd - detected LockedFile.Multi.Generic (1)
07:43:35.0859 1468 [ E3879C514F59402E1A7CE58A5511816F ] SQTECH905C C:\WINDOWS\system32\Drivers\Capt905c.sys
07:43:35.0859 1468 SQTECH905C - ok
07:43:35.0890 1468 [ A74035EA526DB97D9D50D2143A55F5CF ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
07:43:35.0890 1468 sr - ok
07:43:35.0953 1468 [ 3CD57F31A64D32FDB28918B16D1E6AAC ] srservice C:\WINDOWS\system32\srsvc.dll
07:43:35.0953 1468 srservice - ok
07:43:36.0000 1468 [ AB9C79ED12D65E800AAAD3D72A04792F ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
07:43:36.0000 1468 Srv - ok
07:43:36.0046 1468 [ 88C28F53F53438DAFCD95E99C837C61E ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
07:43:36.0062 1468 SSDPSRV - ok
07:43:36.0109 1468 [ 654DFEA96BC82B4ACDA4F37E5E4A3BBF ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
07:43:36.0109 1468 ssmdrv - ok
07:43:36.0156 1468 [ EAA66218CD39F5BB1B4853A78C67C787 ] ss_bbus C:\WINDOWS\system32\DRIVERS\ss_bbus.sys
07:43:36.0156 1468 ss_bbus - ok
07:43:36.0187 1468 [ 91765F99914ED8693D8BC76524F21581 ] ss_bmdfl C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys
07:43:36.0187 1468 ss_bmdfl - ok
07:43:36.0218 1468 [ 840E7B738B03C10EE91D9B7D3D6EFF15 ] ss_bmdm C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys
07:43:36.0218 1468 ss_bmdm - ok
07:43:36.0265 1468 [ B824215A934A24928CDDD1EF7E113035 ] stisvc C:\WINDOWS\system32\wiaservc.dll
07:43:36.0265 1468 stisvc - ok
07:43:36.0296 1468 [ 284C57DF5DC7ABCA656BC2B96A667AFB ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
07:43:36.0296 1468 streamip - ok
07:43:36.0375 1468 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
07:43:36.0375 1468 swenum - ok
07:43:36.0406 1468 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
07:43:36.0406 1468 swmidi - ok
07:43:36.0406 1468 SwPrv - ok
07:43:36.0421 1468 symc810 - ok
07:43:36.0421 1468 symc8xx - ok
07:43:36.0437 1468 sym_hi - ok
07:43:36.0437 1468 sym_u3 - ok
07:43:36.0484 1468 [ 66F680409FC3BDDF62741E3E920A8454 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
07:43:36.0484 1468 SynTP - ok
07:43:36.0531 1468 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
07:43:36.0546 1468 sysaudio - ok
07:43:36.0578 1468 [ D9C9ECFF4904E6151525C533AEEDF8F4 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
07:43:36.0578 1468 SysmonLog - ok
07:43:36.0625 1468 [ 250241D65CCF692AEACC318A266413C2 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
07:43:36.0625 1468 TapiSrv - ok
07:43:36.0687 1468 [ 2A5554FC5B1E04E131230E3CE035C3F9 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
07:43:36.0703 1468 Tcpip - ok
07:43:36.0781 1468 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
07:43:36.0781 1468 TDPIPE - ok
07:43:36.0796 1468 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
07:43:36.0796 1468 TDTCP - ok
07:43:36.0828 1468 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
07:43:36.0843 1468 TermDD - ok
07:43:36.0859 1468 [ 2F5919F2F6EE7A845893D9C3AA2BC56A ] TermService C:\WINDOWS\System32\termsrv.dll
07:43:36.0875 1468 TermService - ok
07:43:36.0890 1468 [ E26EDC7AFA8DA3C528055EABC82C8C79 ] Themes C:\WINDOWS\System32\shsvcs.dll
07:43:36.0890 1468 Themes - ok
07:43:37.0000 1468 [ 535C2FB97336BAFA509F4783DD1E5746 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
07:43:37.0000 1468 TlntSvr - ok
07:43:37.0000 1468 TosIde - ok
07:43:37.0046 1468 [ 4DCE17221B1A87FB47E36842F3E38753 ] TrkWks C:\WINDOWS\system32\trkwks.dll
07:43:37.0046 1468 TrkWks - ok
07:43:37.0109 1468 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
07:43:37.0109 1468 Udfs - ok
07:43:37.0109 1468 ultra - ok
07:43:37.0171 1468 [ CED744117E91BDC0BEB810F7D8608183 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
07:43:37.0171 1468 Update - ok
07:43:37.0250 1468 [ 0C0C2C77C6B52181369594F2AA36AF40 ] upnphost C:\WINDOWS\System32\upnphost.dll
07:43:37.0250 1468 upnphost - ok
07:43:37.0296 1468 [ 6148A3BA4D9CC628357FC92014FEA30E ] UPS C:\WINDOWS\System32\ups.exe
07:43:37.0312 1468 UPS - ok
07:43:37.0328 1468 [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
07:43:37.0328 1468 usbccgp - ok
07:43:37.0359 1468 [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
07:43:37.0359 1468 usbehci - ok
07:43:37.0390 1468 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
07:43:37.0390 1468 usbhub - ok
07:43:37.0421 1468 [ A42369B7CD8886CD7C70F33DA6FCBCF5 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
07:43:37.0421 1468 usbprint - ok
07:43:37.0453 1468 [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
07:43:37.0453 1468 usbscan - ok
07:43:37.0500 1468 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
07:43:37.0500 1468 USBSTOR - ok
07:43:37.0531 1468 [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
07:43:37.0531 1468 usbuhci - ok
07:43:37.0656 1468 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
07:43:37.0656 1468 VgaSave - ok
07:43:37.0671 1468 ViaIde - ok
07:43:37.0703 1468 [ CD8CCE067F7E9CBD762C00BDDDECAA34 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
07:43:37.0703 1468 VolSnap - ok
07:43:37.0765 1468 [ 765D208D688075D2B01D5A2E9EAA6DDC ] vsdatant C:\WINDOWS\system32\vsdatant.sys
07:43:37.0765 1468 vsdatant - ok
07:43:37.0765 1468 vsmon - ok
07:43:37.0812 1468 [ 043539881667BB37B07524032D6FFC3E ] VSS C:\WINDOWS\System32\vssvc.exe
07:43:37.0828 1468 VSS - ok
07:43:37.0859 1468 [ 2CEEBB402187AE56B585701F3D191FB3 ] W32Time C:\WINDOWS\system32\w32time.dll
07:43:37.0875 1468 W32Time - ok
07:43:37.0906 1468 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
07:43:37.0906 1468 Wanarp - ok
07:43:37.0968 1468 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
07:43:37.0984 1468 Wdf01000 - ok
07:43:37.0984 1468 WDICA - ok
07:43:38.0078 1468 [ EFD235CA22B57C81118C1AEB4798F1C1 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
07:43:38.0078 1468 wdmaud - ok
07:43:38.0125 1468 [ 4BD50644CF52F00091F894AB7541E538 ] WebClient C:\WINDOWS\System32\webclnt.dll
07:43:38.0125 1468 WebClient - ok
07:43:38.0187 1468 [ E12084EA622BDF2262C637BEF15DD85C ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
07:43:38.0187 1468 winmgmt - ok
07:43:38.0203 1468 wltrysvc - ok
07:43:38.0281 1468 [ E02E913B3841717A890A644EE167B9A5 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
07:43:38.0281 1468 WmdmPmSN - ok
07:43:38.0343 1468 [ 0CDC4A0C6B820FAD99FB4CA74CD0C476 ] Wmi C:\WINDOWS\System32\advapi32.dll
07:43:38.0359 1468 Wmi - ok
07:43:38.0375 1468 [ AE2C8544E747C20062DB27456EA2D67A ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
07:43:38.0375 1468 WmiAcpi - ok
07:43:38.0421 1468 [ BCD21B989F0FD4ACE78287FC01B4693D ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
07:43:38.0437 1468 WmiApSrv - ok
07:43:38.0468 1468 [ 4ADED1ADEF25041D9827F9A79C0FDA13 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
07:43:38.0468 1468 wscsvc - ok
07:43:38.0515 1468 [ D5842484F05E12121C511AA93F6439EC ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
07:43:38.0515 1468 WSTCODEC - ok
07:43:38.0546 1468 [ 21F5169CA14E0B25C757644456F637DF ] wuauserv C:\WINDOWS\system32\wuauserv.dll
07:43:38.0562 1468 wuauserv - ok
07:43:38.0609 1468 [ 6FF66513D372D479EF1810223C8D20CE ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
07:43:38.0609 1468 WudfPf - ok
07:43:38.0671 1468 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
07:43:38.0718 1468 WudfRd - ok
07:43:38.0765 1468 [ 575A4190D989F64732119E4114045A4F ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
07:43:38.0781 1468 WudfSvc - ok
07:43:38.0828 1468 [ 325CEDEF696EF4B649DDCD3968D085C9 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
07:43:38.0828 1468 WZCSVC - ok
07:43:38.0875 1468 [ 9B835D4C64860B155A1701D5092EC9E4 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
07:43:39.0015 1468 xmlprov - ok
07:43:39.0093 1468 [ 28FB86AD7CC64AE5639E6E87F3B017D9 ] ZTEusbmdm6k C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys
07:43:39.0093 1468 ZTEusbmdm6k - ok
07:43:39.0109 1468 [ 28FB86AD7CC64AE5639E6E87F3B017D9 ] ZTEusbnmea C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys
07:43:39.0125 1468 ZTEusbnmea - ok
07:43:39.0171 1468 [ 28FB86AD7CC64AE5639E6E87F3B017D9 ] ZTEusbser6k C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys
07:43:39.0171 1468 ZTEusbser6k - ok
07:43:39.0187 1468 ================ Scan global ===============================
07:43:39.0234 1468 [ F642F3368D2839798DA79E7BA9218481 ] C:\WINDOWS\system32\basesrv.dll
07:43:39.0265 1468 [ 5869828D4A83BA8F9519630C40044C87 ] C:\WINDOWS\system32\winsrv.dll
07:43:39.0281 1468 [ 5869828D4A83BA8F9519630C40044C87 ] C:\WINDOWS\system32\winsrv.dll
07:43:39.0312 1468 [ 6E401E61F952FBBF708AFBECEFAFAE81 ] C:\WINDOWS\system32\services.exe
07:43:39.0312 1468 [Global] - ok
07:43:39.0312 1468 ================ Scan MBR ==================================
07:43:39.0343 1468 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
07:43:39.0781 1468 \Device\Harddisk0\DR0 - ok
07:43:39.0781 1468 ================ Scan VBR ==================================
07:43:39.0781 1468 [ F0F110EC2B7E67C6C33274DF709CF576 ] \Device\Harddisk0\DR0\Partition1
07:43:39.0781 1468 \Device\Harddisk0\DR0\Partition1 - ok
07:43:39.0812 1468 [ 379F04010B8747EFB67084DE9A284A19 ] \Device\Harddisk0\DR0\Partition2
07:43:39.0812 1468 \Device\Harddisk0\DR0\Partition2 - ok
07:43:39.0812 1468 ============================================================
07:43:39.0812 1468 Scan finished
07:43:39.0812 1468 ============================================================
07:43:39.0828 0932 Detected object count: 1
07:43:39.0828 0932 Actual detected object count: 1
07:44:27.0343 0932 sptd ( LockedFile.Multi.Generic ) - skipped by user
07:44:27.0343 0932 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
07:44:37.0328 0388 Deinitialize success

Příspěvekod **jaro3** » 26 srp 2012 10:31

Ještě ComboFix (by sUBs).

DrWostep · Příspěvekod **DrWostep** » 26 srp 2012 20:49

Velmi se omlouvám, ale já ten log od ComboFixu prostě nikde nemůžu najít, už jsem to dal skenovat 3x a ani jednou se ten log nikde neuložil, ručně to nejde, protože to po chvilce skočí do DOSu a po scanu se PC sám restartuje a log nikde. Myslím, že to nedám, jsem prostě kráva...

Příspěvekod **jaro3** » 27 srp 2012 09:50

Zkus znovu a v nouzáku.

DrWostep · Příspěvekod **DrWostep** » 27 srp 2012 12:08

ComboFix 12-08-25.04 - Administrator 27.08.2012 11:49:10.7.1 - x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1014.836 [GMT 2:00]
Spuštěný z: c:\documents and settings\Jirka\Dokumenty\Sta×enÚ soubory\ComboFix.exe
FW: ZoneAlarm Firewall *Disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Jirka\WINDOWS
c:\documents and settings\totalcmd\CABRK.DLL
c:\documents and settings\totalcmd\FRERES32.DLL
c:\documents and settings\totalcmd\SFXHEAD.SFX
c:\documents and settings\totalcmd\TCUNINST.EXE
c:\documents and settings\totalcmd\TCUNZLIB.DLL
c:\documents and settings\totalcmd\WCMICONS.DLL
c:\documents and settings\totalcmd\WCMZIP32.DLL
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-27 do 2012-08-27 )))))))))))))))))))))))))))))))
.
.
2012-08-27 09:44 . 2012-08-27 09:44 -------- d-----w- c:\documents and settings\Administrator
2012-08-26 05:58 . 2012-08-26 05:58 -------- d-----w- c:\windows\Internet Logs
2012-08-26 05:40 . 2012-08-26 05:40 -------- d-----w- C:\TDSSKiller_Quarantine
2012-08-24 11:23 . 2012-08-24 11:23 -------- d-----w- C:\Games
2012-08-08 16:06 . 2012-08-08 16:06 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Alawar Stargaze
2012-07-31 13:09 . 2012-07-31 13:09 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll
2012-07-31 13:09 . 2012-07-31 13:09 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-26 05:42 . 2004-08-18 03:00 188288 ----a-w- c:\windows\system32\drivers\acpi.sys
2012-07-31 13:09 . 2012-07-24 12:47 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-23 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-23 118784]
"RTHDCPL"="RTHDCPL.EXE" [2006-08-16 16248320]
"SkyTel"="SkyTel.EXE" [2006-08-16 2879488]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2006-08-16 53248]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2005-11-11 1236992]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 761946]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-18 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [26.1.2009 21:59 685816]
S2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [14.4.2010 11:28 73728]
S2 ameisvc;Web'n'walk Manager mobile equipment installation service;c:\program files\T-Mobile\Web'n'walk Manager\ameisvc.exe [24.6.2011 21:17 123120]
S2 Ethpdrv;Ethernet Packet Driver;c:\windows\system32\drivers\ethpdrv.sys [25.5.2008 11:10 9728]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [7.6.2011 19:22 233472]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [26.5.2011 20:05 136176]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [7.6.2011 19:22 36608]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [26.5.2011 20:05 136176]
S3 ipw_bus;IPWireless;c:\windows\system32\DRIVERS\ipw_bus.sys --> c:\windows\system32\DRIVERS\ipw_bus.sys [?]
S3 ipw_mdfl;Wireless Broadband Modem Filter;c:\windows\system32\DRIVERS\ipw_mdfl.sys --> c:\windows\system32\DRIVERS\ipw_mdfl.sys [?]
S3 ipw_mdm;Wireless Broadband Modem (WDM);c:\windows\system32\DRIVERS\ipw_mdm.sys --> c:\windows\system32\DRIVERS\ipw_mdm.sys [?]
S3 IpwP;IPWireless 3G Network Adapter;c:\windows\system32\drivers\ipw3gnet.sys [19.6.2009 14:57 51040]
S3 massfilter;MBB Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [28.12.2010 16:18 9216]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [24.7.2012 14:47 113120]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [21.6.2007 22:55 42512]
S3 Pcouffin;Low level access layer for CD devices;c:\windows\system32\drivers\Pcouffin.sys [12.7.2008 22:06 47360]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [7.6.2011 19:23 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [7.6.2011 19:23 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [7.6.2011 19:23 121856]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - PARPORT
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-26 18:05]
.
2012-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-26 18:05]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
FF - ProfilePath - c:\documents and settings\Jirka\Data aplikací\Mozilla\Firefox\Profiles\d6tmrz5h.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/domovska-stranka
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-ISW - c:\program files\CheckPoint\ZAForceField\ForceField.exe
SafeBoot-07369434.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-27 11:57
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(284)
c:\windows\System32\BCMLogon.dll
.
Celkový čas: 2012-08-27 12:00:08
ComboFix-quarantined-files.txt 2012-08-27 09:59
.
Před spuštěním: 6 620 127 232
Po spuštění: 7 043 047 424
.
- - End Of File - - DDA5DC8FE84E2B1366308BE1EE26B198

Příspěvekod **jaro3** » 27 srp 2012 18:14

Nemáš málo volného místa na disku?

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
File::
c:\program files\Google\Update\GoogleUpdate.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
C:\TDSSKiller_Quarantine

Driver::
gupdate
gupdatem
ipw_bus
ipw_mdfl
ipw_mdm

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000000

Firefox::
FF - ProfilePath - c:\documents and settings\Jirka\Data aplikací\Mozilla\Firefox\Profiles\d6tmrz5h.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Wireless Broadband Modem--chybí tam soubory , přeinstaluj!

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Prosím o kontrolu logu - reklamní čtvereček v prohlížeči Vyřešeno

Prosím o kontrolu logu - reklamní čtvereček v prohlížeči Vyřešeno

Re: Jak se zbavit reklamního čtverečku v prohlížeči?

Re: Jak se zbavit reklamního čtverečku v prohlížeči?

Re: Prosím o kontrolu logu - reklamní čtvereček v prohlížeči

Re: Prosím o kontrolu logu - reklamní čtvereček v prohlížeči

Re: Prosím o kontrolu logu - reklamní čtvereček v prohlížeči

Re: Prosím o kontrolu logu - reklamní čtvereček v prohlížeči

Re: Prosím o kontrolu logu - reklamní čtvereček v prohlížeči

Re: Prosím o kontrolu logu - reklamní čtvereček v prohlížeči

Re: Prosím o kontrolu logu - reklamní čtvereček v prohlížeči

Re: Prosím o kontrolu logu - reklamní čtvereček v prohlížeči

Re: Prosím o kontrolu logu - reklamní čtvereček v prohlížeči

Kdo je online