Please check

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Dipp
Level 1.5
Posts: 130
Registered: August 12
Gender: Male
Status: Offline

Please check

Post by Dipp » 16 Apr 2013 21:11

Please check this: after turning on the computer (logging in), a cmd window pops up saying that the computer will shut itself down in 30 minutes.

Thanks in advance :)

LOG:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:11:24, on 16.4.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
D:\Programy\Java\bin\jqs.exe
C:\Program Files\MSI\Super-Charger\ChargeService.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\MSI\Super-Charger\Super-Charger.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
D:\Programy\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\20.3.1.22\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\20.3.1.22\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programy\Java\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programy\Java\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\20.3.1.22\coIEPlg.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programy\Tools\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: win32.bat
O4 - Global Startup: win64.bat
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - D:\Programy\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - D:\Programy\ICQ7M\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - D:\Programy\Java\bin\jqs.exe
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files\MSI\Super-Charger\ChargeService.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 6760 bytes

memphisto
Guru Level 13
Posts: 21113
Registered: September 06
Location: Zlín - České Budějovice
Gender: Male
Status: Offline

Re: Please check

Post by memphisto » 17 Apr 2013 09:35

Fix these in the log:
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com

Do you recognize these?
O4 - Global Startup: win32.bat
O4 - Global Startup: win64.bat

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select all found, then:
- If you use Firefox, click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
- If you use Chrome, do not select anything else and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can delete the cache, cookies, history and other traces of Internet browsing. Supported browsers include Internet Explorer, Firefox and Opera. The application can also delete Windows temporary files, empty the Recycle Bin, etc.

Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware (Czech UI: Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Czech UI: Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Czech UI: Provést rychlý sken) option selected and click the Scan (Czech UI: Skenovat) button
- when the scan finishes a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message will appear, choose Yes (Czech UI: Ano)
(DO NOT DELETE ANYTHING YOURSELF YET!).
Then paste the contents of that log here.

Download AdwCleaner

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log will appear (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you

Re: Please check

Post by Dipp » 20 Apr 2013 14:02

OK, I'll get to it today. Wow, I didn't expect there would be so much :D

Re: Please check

Post by Dipp » 20 Apr 2013 14:03

Btw, what do you mean by:
Do you recognize these?
O4 - Global Startup: win32.bat
O4 - Global Startup: win64.bat

Re: Please check

Post by Dipp » 20 Apr 2013 14:10

The ATF Cleaner link doesn't work

Re: Please check

Post by Dipp » 20 Apr 2013 14:38

Output from Malwarebytes:

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.04.20.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Vojta :: SOUZ-IDCLIP [administrátor]

Ochrana: Povolena

20.4.2013 14:25:47
MBAM-log-2013-04-20 (14-36-26).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 223956
Uplynulý čas: 10 minut, 24 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 1
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Nebyla provedena žádná instrukce.

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

PS: Is it OK that only the trial version of the above-mentioned program was downloaded?

Re: Please check

Post by Dipp » 20 Apr 2013 14:41

Output from AdwCleaner:

# AdwCleaner v2.200 - Log vytvooen 20/04/2013 v 14:40:21
# Aktualizováno 02/04/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : Vojta - SOUZ-IDCLIP
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\Vojta\Plocha\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\Documents and Settings\Vojta\Data aplikací\OpenCandy
Složka Nalezeno : C:\Documents and Settings\Vojta\Local Settings\Data aplikací\Conduit
Složka Nalezeno : C:\Program Files\Conduit

***** [Registry] *****

Klíe Nalezeno : HKCU\Software\1ClickDownload
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\Conduit
Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKCU\Software\SmartBar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IM
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM
Klíe Nalezeno : HKU\S-1-5-21-1644491937-1958367476-682003330-1006\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry jsou eisté.

-\\ Google Chrome v26.0.1410.64

Soubor : C:\Documents and Settings\Vojta\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [1730 octets] - [20/04/2013 14:40:21]

########## EOF - C:\AdwCleaner[R1].txt - [1790 octets] ##########

Re: Please check

Post by memphisto » 20 Apr 2013 16:33

Let both MBAM and AdwCleaner delete everything

Download TDSSKiller

to your desktop. Make sure all other applications and browsers are closed. Extract the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt ; please paste the entire contents of the log here.

Turn off the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use will be displayed; confirm them by pressing the Yes (Czech UI: Ano) button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- After the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If, after the scan, there is a problem starting applications, or a message pops up about an attempt to perform an illegal operation on a registry key that is marked for deletion, simply restart the computer.

Re: Please check

Post by Dipp » 02 May 2013 22:37

TDSS log:

22:22:11.0531 1564 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:22:12.0265 1564 ============================================================
22:22:12.0265 1564 Current date / time: 2013/05/02 22:22:12.0265
22:22:12.0265 1564 SystemInfo:
22:22:12.0265 1564
22:22:12.0265 1564 OS Version: 5.1.2600 ServicePack: 3.0
22:22:12.0265 1564 Product type: Workstation
22:22:12.0265 1564 ComputerName: SOUZ-IDCLIP
22:22:12.0265 1564 UserName: Vojta
22:22:12.0265 1564 Windows directory: C:\WINDOWS
22:22:12.0265 1564 System windows directory: C:\WINDOWS
22:22:12.0265 1564 Processor architecture: Intel x86
22:22:12.0265 1564 Number of processors: 2
22:22:12.0265 1564 Page size: 0x1000
22:22:12.0265 1564 Boot type: Normal boot
22:22:12.0265 1564 ============================================================
22:22:17.0218 1564 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:22:17.0250 1564 ============================================================
22:22:17.0250 1564 \Device\Harddisk0\DR0:
22:22:17.0265 1564 MBR partitions:
22:22:17.0265 1564 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D
22:22:17.0281 1564 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC34F30B, BlocksNum 0x683B27F5
22:22:17.0281 1564 ============================================================
22:22:17.0312 1564 C: <-> \Device\Harddisk0\DR0\Partition1
22:22:17.0343 1564 D: <-> \Device\Harddisk0\DR0\Partition2
22:22:17.0343 1564 ============================================================
22:22:17.0343 1564 Initialize success
22:22:17.0343 1564 ============================================================
22:22:19.0812 3512 ============================================================
22:22:19.0812 3512 Scan started
22:22:19.0812 3512 Mode: Manual;
22:22:19.0812 3512 ============================================================
22:22:21.0921 3512 ================ Scan system memory ========================
22:22:21.0921 3512 System memory - ok
22:22:27.0890 3512 MSPCLOCK - ok
22:22:27.0906 3512 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
22:22:27.0906 3512 MSPQM - ok
22:22:27.0906 3512 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:22:27.0906 3512 mssmbios - ok
22:22:27.0921 3512 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
22:22:27.0921 3512 Mup - ok
22:22:27.0937 3512 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
22:22:27.0937 3512 napagent - ok
22:22:28.0109 3512 [ 7D7A3BC6640C1A0D1442816B30856928 ] NAVENG C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130502.003\NAVENG.SYS
22:22:28.0109 3512 NAVENG - ok
22:22:28.0140 3512 [ 28494C43D62AA7584BDCA2FADFBC4D11 ] NAVEX15 C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130502.003\NAVEX15.SYS
22:22:28.0140 3512 NAVEX15 - ok
22:22:28.0140 3512 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
22:22:28.0156 3512 NDIS - ok
22:22:28.0171 3512 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:22:28.0187 3512 NdisTapi - ok
22:22:28.0218 3512 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:22:28.0218 3512 Ndisuio - ok
22:22:28.0234 3512 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:22:28.0234 3512 NdisWan - ok
22:22:28.0250 3512 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
22:22:28.0250 3512 NDProxy - ok
22:22:28.0250 3512 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
22:22:28.0250 3512 NetBIOS - ok
22:22:28.0265 3512 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
22:22:28.0265 3512 NetBT - ok
22:22:28.0281 3512 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
22:22:28.0281 3512 NetDDE - ok
22:22:28.0281 3512 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
22:22:28.0296 3512 NetDDEdsdm - ok
22:22:28.0312 3512 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
22:22:28.0312 3512 Netlogon - ok
22:22:28.0343 3512 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
22:22:28.0343 3512 Netman - ok
22:22:28.0359 3512 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:22:28.0359 3512 NetTcpPortSharing - ok
22:22:28.0546 3512 [ 241BD3019FB31E812A51B31B06906335 ] NIS C:\Program Files\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe
22:22:28.0546 3512 NIS - ok
22:22:28.0546 3512 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
22:22:28.0546 3512 Nla - ok
22:22:28.0562 3512 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
22:22:28.0562 3512 Npfs - ok
22:22:28.0578 3512 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
22:22:28.0593 3512 Ntfs - ok
22:22:28.0625 3512 [ 307242C92E4D991A663C43B291122F5D ] NTIOLib_1_0_3 C:\Program Files\MSI\Super-Charger\NTIOLib.sys
22:22:28.0625 3512 NTIOLib_1_0_3 - ok
22:22:28.0625 3512 NTIOLib_1_0_C - ok
22:22:28.0625 3512 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
22:22:28.0625 3512 NtLmSsp - ok
22:22:28.0640 3512 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
22:22:28.0640 3512 NtmsSvc - ok
22:22:28.0656 3512 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
22:22:28.0656 3512 Null - ok
22:22:28.0671 3512 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:22:28.0671 3512 NwlnkFlt - ok
22:22:28.0671 3512 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:22:28.0687 3512 NwlnkFwd - ok
22:22:28.0750 3512 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:22:28.0750 3512 odserv - ok
22:22:28.0765 3512 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:22:28.0765 3512 ose - ok
22:22:28.0781 3512 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
22:22:28.0781 3512 Parport - ok
22:22:28.0781 3512 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
22:22:28.0781 3512 PartMgr - ok
22:22:28.0812 3512 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
22:22:28.0828 3512 ParVdm - ok
22:22:28.0843 3512 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
22:22:28.0843 3512 PCI - ok
22:22:28.0843 3512 PCIDump - ok
22:22:28.0843 3512 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
22:22:28.0843 3512 PCIIde - ok
22:22:28.0859 3512 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
22:22:28.0859 3512 Pcmcia - ok
22:22:28.0859 3512 PDCOMP - ok
22:22:28.0875 3512 PDFRAME - ok
22:22:28.0875 3512 PDRELI - ok
22:22:28.0875 3512 PDRFRAME - ok
22:22:28.0875 3512 perc2 - ok
22:22:28.0875 3512 perc2hib - ok
22:22:28.0890 3512 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
22:22:28.0890 3512 PlugPlay - ok
22:22:28.0921 3512 [ 205E1B699FD3F2F9B036EEA2EC30C620 ] PnkBstrA C:\WINDOWS\system32\PnkBstrA.exe
22:22:28.0921 3512 PnkBstrA - ok
22:22:28.0937 3512 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
22:22:28.0937 3512 PolicyAgent - ok
22:22:28.0937 3512 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:22:28.0937 3512 PptpMiniport - ok
22:22:28.0937 3512 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
22:22:28.0937 3512 ProtectedStorage - ok
22:22:28.0937 3512 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
22:22:28.0937 3512 PSched - ok
22:22:28.0937 3512 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:22:28.0937 3512 Ptilink - ok
22:22:28.0937 3512 ql1080 - ok
22:22:28.0953 3512 Ql10wnt - ok
22:22:28.0953 3512 ql12160 - ok
22:22:28.0953 3512 ql1240 - ok
22:22:28.0953 3512 ql1280 - ok
22:22:28.0953 3512 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:22:28.0953 3512 RasAcd - ok
22:22:28.0968 3512 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
22:22:28.0968 3512 RasAuto - ok
22:22:28.0968 3512 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:22:28.0968 3512 Rasl2tp - ok
22:22:28.0984 3512 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
22:22:29.0000 3512 RasMan - ok
22:22:29.0000 3512 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:22:29.0000 3512 RasPppoe - ok
22:22:29.0000 3512 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
22:22:29.0000 3512 Raspti - ok
22:22:29.0015 3512 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:22:29.0015 3512 Rdbss - ok
22:22:29.0015 3512 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:22:29.0015 3512 RDPCDD - ok
22:22:29.0031 3512 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:22:29.0031 3512 rdpdr - ok
22:22:29.0062 3512 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
22:22:29.0062 3512 RDPWD - ok
22:22:29.0062 3512 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
22:22:29.0078 3512 RDSessMgr - ok
22:22:29.0093 3512 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
22:22:29.0093 3512 redbook - ok
22:22:29.0093 3512 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
22:22:29.0109 3512 RemoteAccess - ok
22:22:29.0125 3512 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
22:22:29.0125 3512 RemoteRegistry - ok
22:22:29.0140 3512 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
22:22:29.0156 3512 RpcLocator - ok
22:22:29.0171 3512 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
22:22:29.0171 3512 RpcSs - ok
22:22:29.0187 3512 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
22:22:29.0187 3512 RSVP - ok
22:22:29.0218 3512 [ EB6CAF7C5FCCB50C3E62F878640E082E ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
22:22:29.0218 3512 RTLE8023xp - ok
22:22:29.0218 3512 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
22:22:29.0218 3512 SamSs - ok
22:22:29.0234 3512 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
22:22:29.0234 3512 SCardSvr - ok
22:22:29.0250 3512 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
22:22:29.0265 3512 Schedule - ok
22:22:29.0265 3512 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:22:29.0281 3512 Secdrv - ok
22:22:29.0281 3512 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
22:22:29.0296 3512 seclogon - ok
22:22:29.0296 3512 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
22:22:29.0312 3512 SENS - ok
22:22:29.0312 3512 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
22:22:29.0312 3512 serenum - ok
22:22:29.0312 3512 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
22:22:29.0312 3512 Serial - ok
22:22:29.0328 3512 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
22:22:29.0328 3512 Sfloppy - ok
22:22:29.0343 3512 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
22:22:29.0343 3512 SharedAccess - ok
22:22:29.0343 3512 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
22:22:29.0343 3512 ShellHWDetection - ok
22:22:29.0343 3512 Simbad - ok
22:22:29.0359 3512 Sparrow - ok
22:22:29.0375 3512 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
22:22:29.0375 3512 splitter - ok
22:22:29.0390 3512 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
22:22:29.0390 3512 Spooler - ok
22:22:29.0406 3512 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
22:22:29.0421 3512 sr - ok
22:22:29.0421 3512 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
22:22:29.0421 3512 srservice - ok
22:22:29.0453 3512 [ 0A8F71E1DB5432A5B9285111421E77EC ] SRTSP C:\WINDOWS\System32\Drivers\NIS\1403010.016\SRTSP.SYS
22:22:29.0453 3512 SRTSP - ok
22:22:29.0468 3512 [ FE9BD381778A344F0E39AE2D5E607D7F ] SRTSPX C:\WINDOWS\system32\drivers\NIS\1403010.016\SRTSPX.SYS
22:22:29.0468 3512 SRTSPX - ok
22:22:29.0515 3512 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
22:22:29.0515 3512 Srv - ok
22:22:29.0531 3512 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
22:22:29.0531 3512 SSDPSRV - ok
22:22:29.0546 3512 [ EF3458337D7341A05169CEFC73709264 ] SSPORT C:\WINDOWS\system32\Drivers\SSPORT.sys
22:22:29.0546 3512 SSPORT - ok
22:22:29.0578 3512 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
22:22:29.0625 3512 stisvc - ok
22:22:29.0625 3512 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
22:22:29.0625 3512 swenum - ok
22:22:29.0625 3512 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
22:22:29.0640 3512 swmidi - ok
22:22:29.0640 3512 SwPrv - ok
22:22:29.0640 3512 symc810 - ok
22:22:29.0640 3512 symc8xx - ok
22:22:29.0656 3512 [ 6EA77FF0CE4E839EA8B1CEA5F5B28C00 ] SymDS C:\WINDOWS\system32\drivers\NIS\1403010.016\SYMDS.SYS
22:22:29.0656 3512 SymDS - ok
22:22:29.0671 3512 [ 1773FB2920EBB3A8BAD0360618091470 ] SymEFA C:\WINDOWS\system32\drivers\NIS\1403010.016\SYMEFA.SYS
22:22:29.0687 3512 SymEFA - ok
22:22:29.0687 3512 [ C940F10C31E2C60CC967FFD6A370720C ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
22:22:29.0687 3512 SymEvent - ok
22:22:29.0703 3512 [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON C:\WINDOWS\system32\drivers\NIS\1403010.016\Ironx86.SYS
22:22:29.0703 3512 SymIRON - ok
22:22:29.0718 3512 [ EC979002EBA25C9D109B2FE0E03457DA ] SYMTDI C:\WINDOWS\System32\Drivers\NIS\1403010.016\SYMTDI.SYS
22:22:29.0718 3512 SYMTDI - ok
22:22:29.0718 3512 sym_hi - ok
22:22:29.0718 3512 sym_u3 - ok
22:22:29.0750 3512 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
22:22:29.0750 3512 sysaudio - ok
22:22:29.0750 3512 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
22:22:29.0765 3512 SysmonLog - ok
22:22:29.0765 3512 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
22:22:29.0765 3512 TapiSrv - ok
22:22:29.0796 3512 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:22:29.0796 3512 Tcpip - ok
22:22:29.0812 3512 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
22:22:29.0828 3512 TDPIPE - ok
22:22:29.0828 3512 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
22:22:29.0828 3512 TDTCP - ok
22:22:29.0828 3512 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
22:22:29.0828 3512 TermDD - ok
22:22:29.0859 3512 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
22:22:29.0859 3512 TermService - ok
22:22:29.0859 3512 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
22:22:29.0859 3512 Themes - ok
22:22:29.0875 3512 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
22:22:29.0875 3512 TlntSvr - ok
22:22:29.0875 3512 TosIde - ok
22:22:29.0875 3512 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
22:22:29.0875 3512 TrkWks - ok
22:22:29.0890 3512 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
22:22:29.0890 3512 Udfs - ok
22:22:29.0906 3512 ultra - ok
22:22:29.0906 3512 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
22:22:29.0906 3512 Update - ok
22:22:29.0921 3512 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
22:22:29.0921 3512 upnphost - ok
22:22:29.0921 3512 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
22:22:29.0921 3512 UPS - ok
22:22:29.0921 3512 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:22:29.0921 3512 usbehci - ok
22:22:29.0937 3512 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:22:29.0937 3512 usbhub - ok
22:22:29.0953 3512 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:22:29.0968 3512 usbprint - ok
22:22:29.0968 3512 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:22:29.0968 3512 USBSTOR - ok
22:22:29.0984 3512 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
22:22:29.0984 3512 VgaSave - ok
22:22:29.0984 3512 ViaIde - ok
22:22:30.0015 3512 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
22:22:30.0015 3512 VolSnap - ok
22:22:30.0031 3512 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
22:22:30.0031 3512 VSS - ok
22:22:30.0046 3512 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
22:22:30.0046 3512 W32Time - ok
22:22:30.0062 3512 [ 07AD42303519A955560B5A19FE20B68F ] W3SVC C:\WINDOWS\system32\inetsrv\inetinfo.exe
22:22:30.0062 3512 W3SVC - ok
22:22:30.0062 3512 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:22:30.0062 3512 Wanarp - ok
22:22:30.0062 3512 WDICA - ok
22:22:30.0062 3512 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
22:22:30.0062 3512 wdmaud - ok
22:22:30.0078 3512 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
22:22:30.0078 3512 WebClient - ok
22:22:30.0296 3512 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
22:22:30.0437 3512 winmgmt - ok
22:22:30.0562 3512 [ 6199B2AE3F9DB9CB6DB230471A1DC601 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
22:22:30.0578 3512 WmdmPmSN - ok
22:22:30.0718 3512 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
22:22:30.0734 3512 Wmi - ok
22:22:30.0796 3512 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
22:22:30.0796 3512 WmiApSrv - ok
22:22:30.0828 3512 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:22:30.0843 3512 WPFFontCache_v0400 - ok
22:22:30.0843 3512 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
22:22:30.0859 3512 wscsvc - ok
22:22:30.0875 3512 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
22:22:30.0875 3512 wuauserv - ok
22:22:30.0890 3512 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
22:22:30.0890 3512 WZCSVC - ok
22:22:30.0906 3512 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
22:22:30.0937 3512 xmlprov - ok
22:22:30.0937 3512 ================ Scan global ===============================
22:22:30.0953 3512 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
22:22:30.0984 3512 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
22:22:31.0000 3512 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
22:22:31.0000 3512 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
22:22:31.0000 3512 [Global] - ok
22:22:31.0000 3512 ================ Scan MBR ==================================
22:22:31.0015 3512 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
22:22:31.0328 3512 \Device\Harddisk0\DR0 - ok
22:22:31.0328 3512 ================ Scan VBR ==================================
22:22:31.0328 3512 [ B7633B3D58F9DB60D7073B15E7612587 ] \Device\Harddisk0\DR0\Partition1
22:22:31.0328 3512 \Device\Harddisk0\DR0\Partition1 - ok
22:22:31.0343 3512 [ C974293FD22C79D162B1BB11167BB996 ] \Device\Harddisk0\DR0\Partition2
22:22:31.0343 3512 \Device\Harddisk0\DR0\Partition2 - ok
22:22:31.0343 3512 ============================================================
22:22:31.0343 3512 Scan finished
22:22:31.0343 3512 ============================================================
22:22:31.0359 3328 Detected object count: 0
22:22:31.0359 3328 Actual detected object count: 0
22:22:59.0265 2852 Deinitialize success


Re: Requesting a check

Post by Dipp » 02 May 2013 22:53

Unfortunately, I was not able to find the ComboFix log.


Re: Requesting a check

Post by jaro3 » 03 May 2013 10:25

I don't see the logs after deletion, from AdwCleaner and MbAM.

C:\ComboFix.txt
or in:
C:\Qoobox\

Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
MBR check (Kontrola MBR)
Faked check (Kontrola Faked)
Antirootkit

- Then click "Scan" (Prohledat).
- The program scans the PC's processes. After the scan, click "Report" (Zpráva) and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.