Please check my log

Posted: 13 Apr 2013 11:36
by LuCasXXXX
Hello, please check my log. For some time now I haven't been able to reach www.zive.cz and www.autorevue.cz; there will be more such sites, but these are the ones I know about. They work for my girlfriend on another notebook, so the problem is on my side. It doesn't work in another browser either. Thanks

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:32:52, on 13.4.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\PLFSetL.exe
C:\WINDOWS\snuvcdsm.exe
C:\WINDOWS\PLFSetI.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
D:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\DOCUME~1\LuCas\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
D:\NEXIS32\License\lmgrd.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre7\bin\jqs.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
D:\NEXIS32\License\scia.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [TNOD UP] "C:\Program Files\ESET\TNod User & Password Finder\TNODUP.exe" /i
O4 - HKLM\..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe
O4 - HKLM\..\Run: [snp2uvc] rundll32.exe C:\WINDOWS\system32\csnp2uvc.dll,ResetCIDS
O4 - HKLM\..\Run: [snuvcdsm] C:\WINDOWS\snuvcdsm.exe
O4 - HKLM\..\Run: [PLFSetI] C:\WINDOWS\PLFSetI.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = D:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O8 - Extra context menu item: Append to existing PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - d:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - d:\Program Files\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {1F831FA2-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) -
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos-be ... canner.cab
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (Ovládací prvek AcDcToday) -
O16 - DPF: {AE563723-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) -
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (Prvek AcPreview) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{8E60D919-A187-4B7B-95B2-B85DDBE5825C}: NameServer = 217.31.204.130,193.29.206.206
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\acaptuser32.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IDA NEXIS License - Unknown owner - D:\NEXIS32\License\lmgrd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

--
End of file - 14937 bytes

Re: Please check my log

Posted: 13 Apr 2013 16:45
by Žbeky
Uninstall that cracked ESET along with TNOD

Fix these:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [TNOD UP] "C:\Program Files\ESET\TNod User & Password Finder\TNODUP.exe" /i
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O16 - DPF: {1F831FA2-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) -
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos-be ... canner.cab
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (Ovládací prvek AcDcToday) -
O16 - DPF: {AE563723-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) -
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (Prvek AcPreview) -

Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox, click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
- If you use Chrome, don't select anything else and click Empty Selected.
After cleaning, click Exit to close the program.

Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it doesn't, restart it yourself.

Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware (Czech UI: Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Czech UI: Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Czech UI: Provést rychlý sken) option selected and click the Scan (Czech UI: Skenovat) button
- when the program finishes, a message appears; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message appears, choose Yes (Czech UI: Ano)
(DO NOT DELETE ANYTHING YOURSELF YET!).
Then paste the contents of that log here.

Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Double-click the program to run it and click "Search"
After the scan a log appears (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.

Re: Please check my log

Posted: 13 Apr 2013 17:37
by LuCasXXXX
So here are the logs. By the way, I had to download AdwCleaner at my girlfriend's, because the sites that host it don't load for me either.

# AdwCleaner v2.200 - Log vytvooen 13/04/2013 v 17:33:55
# Aktualizováno 02/04/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : LuCas - LUCAS
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\LuCas\Plocha\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Složka Nalezeno : C:\Program Files\ICQ6Toolbar

***** [Registry] *****

Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíe Nalezeno : HKLM\SOFTWARE\Software

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v6.0.2900.5512

[OK] Registry jsou eisté.

-\\ Mozilla Firefox v20.0.1 (cs)

Soubor : C:\Documents and Settings\LuCas\Data aplikací\Mozilla\Firefox\Profiles\3fto5h9e.default\prefs.js

[OK] Soubor je eistý.

-\\ Google Chrome v [Nemohu získat verzi]

Soubor : C:\Documents and Settings\LuCas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [1941 octets] - [13/04/2013 17:33:55]

########## EOF - C:\AdwCleaner[R1].txt - [2001 octets] ##########





Malwarebytes Anti-Malware 1.75.0.1300
http://www.malwarebytes.org

Verze: v2013.04.13.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
LuCas :: LUCAS [administrátor]

13.4.2013 17:21:06
mbam-log-2013-04-13 (17-21-06).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 269999
Uplynulý čas: 8 minut, 17 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Re: Please check my log

Posted: 14 Apr 2013 09:53
by jaro3
Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator")
Click "Vymazat" (Delete)
The program will perform the repair; after the automatic restart it will not display the log (C:\AdwCleaner [S?].txt); paste its entire contents here.

Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7 run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
Kontrola MBR (MBR check)
Kontrola Faked (Faked check)
Antirootkit

- Then click "Prohledat" (Scan).
- The program scans the PC's processes. After the scan, click "Zpráva" (Report) and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still won't start and work, rename it to winlogon.exe.

Re: Please check my log

Posted: 14 Apr 2013 10:16
by LuCasXXXX
here are the logs

# AdwCleaner v2.200 - Log vytvooen 14/04/2013 v 10:05:20
# Aktualizováno 02/04/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : LuCas - LUCAS
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\LuCas\Plocha\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Složka Vymazáno : C:\Program Files\ICQ6Toolbar

***** [Registry] *****

Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíe Vymazáno : HKLM\SOFTWARE\Software

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v6.0.2900.5512

[OK] Registry jsou eisté.

-\\ Mozilla Firefox v20.0.1 (cs)

Soubor : C:\Documents and Settings\LuCas\Data aplikací\Mozilla\Firefox\Profiles\3fto5h9e.default\prefs.js

C:\Documents and Settings\LuCas\Data aplikací\Mozilla\Firefox\Profiles\3fto5h9e.default\user.js ... Vymazáno !

[OK] Soubor je eistý.

-\\ Google Chrome v [Nemohu získat verzi]

Soubor : C:\Documents and Settings\LuCas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [2070 octets] - [13/04/2013 17:33:55]
AdwCleaner[S1].txt - [2113 octets] - [14/04/2013 10:05:20]

########## EOF - C:\AdwCleaner[S1].txt - [2173 octets] ##########




RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : LuCas [Práva správce]
Mód : Kontrola -- Datum : 04/14/2013 10:14:10
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] snuvcdsm.exe -- C:\WINDOWS\snuvcdsm.exe [7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 5 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Run : snuvcdsm (C:\WINDOWS\snuvcdsm.exe) [7] -> NALEZENO
[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{8E60D919-A187-4B7B-95B2-B85DDBE5825C} : NameServer (217.31.204.130,193.29.206.206) -> NALEZENO
[DNS] HKLM\[...]\ControlSet003\Services\Tcpip\Interfaces\{8E60D919-A187-4B7B-95B2-B85DDBE5825C} : NameServer (217.31.204.130,193.29.206.206) -> NALEZENO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
SSDT[19] : NtAssignProcessToJobObject @ 0x805D66A0 -> HOOKED (Unknown @ 0x8888DC90)
SSDT[57] : NtDebugActiveProcess @ 0x80643BA8 -> HOOKED (Unknown @ 0x8888E200)
SSDT[68] : NtDuplicateObject @ 0x805BE010 -> HOOKED (Unknown @ 0x8888E2F0)
SSDT[122] : NtOpenProcess @ 0x805CB456 -> HOOKED (Unknown @ 0x8888D590)
SSDT[128] : NtOpenThread @ 0x805CB6E2 -> HOOKED (Unknown @ 0x8888D800)
SSDT[137] : NtProtectVirtualMemory @ 0x805B8426 -> HOOKED (Unknown @ 0x8888DFD0)
SSDT[180] : NtQueueApcThread @ 0x805D2756 -> HOOKED (Unknown @ 0x8888E0E0)
SSDT[213] : NtSetContextThread @ 0x805D2C1A -> HOOKED (Unknown @ 0x8888DEC0)
SSDT[229] : NtSetInformationThread @ 0x805CC124 -> HOOKED (Unknown @ 0x8888DD90)
SSDT[237] : NtSetSecurityObject @ 0x805C0636 -> HOOKED (Unknown @ 0x8888ADA0)
SSDT[253] : NtSuspendProcess @ 0x805D4AE0 -> HOOKED (Unknown @ 0x8888DB90)
SSDT[254] : NtSuspendThread @ 0x805D4952 -> HOOKED (Unknown @ 0x8888DA80)
SSDT[257] : NtTerminateProcess @ 0x805D22D8 -> HOOKED (Unknown @ 0x8888D6E0)
SSDT[258] : NtTerminateThread @ 0x805D24D2 -> HOOKED (Unknown @ 0x8888DA50)
SSDT[277] : NtWriteVirtualMemory @ 0x805B43D4 -> HOOKED (Unknown @ 0x8888E6D0)

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200BEVT-22ZCT0 +++++
--- User ---
[MBR] 7277b69af372267f1038fd4f3e03bada
[BSP] 132a22339bc1cd5f4f413b3c881a7097 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 49999 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 102398310 | Size: 255235 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1]_S_04142013_02d1014.txt >>
RKreport[1]_S_04142013_02d1014.txt

Re: Please check my log

Posted: 14 Apr 2013 10:22
by jaro3
Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.

Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run).
- Wait for the Prescan to finish...
- Wait until the status window shows "Prohledat" (Scan)

- Click "Smazat" (Delete)
- Wait until the Status box shows "Smazání- Finished"
- Click "Zprávy" (Reports) and copy and paste the contents of that report here. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller

Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt; please paste the entire contents of the log here.

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by clicking the Yes (Czech UI: Ano) button
- Then follow the instructions; while ComboFix is running, do not click inside the window it displays
- When the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here
If there are problems, run it in Safe Mode.

Warning: After running ComboFix and restarting the computer, Windows may fail to boot, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that doesn't help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.

Re: Please check my log

Posted: 14 Apr 2013 11:08
by LuCasXXXX
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : LuCas [Práva správce]
Mód : Odebrat -- Datum : 04/14/2013 10:30:38
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 5 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Run : snuvcdsm (C:\WINDOWS\snuvcdsm.exe) [7] -> VYMAZÁNO
[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{8E60D919-A187-4B7B-95B2-B85DDBE5825C} : NameServer (217.31.204.130,193.29.206.206) -> NEBYLO ODSTRANĚNO, POUŽIJTE DNSFIX
[DNS] HKLM\[...]\ControlSet003\Services\Tcpip\Interfaces\{8E60D919-A187-4B7B-95B2-B85DDBE5825C} : NameServer (217.31.204.130,193.29.206.206) -> NEBYLO ODSTRANĚNO, POUŽIJTE DNSFIX
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
SSDT[19] : NtAssignProcessToJobObject @ 0x805D66A0 -> HOOKED (Unknown @ 0x8888DC90)
SSDT[57] : NtDebugActiveProcess @ 0x80643BA8 -> HOOKED (Unknown @ 0x8888E200)
SSDT[68] : NtDuplicateObject @ 0x805BE010 -> HOOKED (Unknown @ 0x8888E2F0)
SSDT[122] : NtOpenProcess @ 0x805CB456 -> HOOKED (Unknown @ 0x8888D590)
SSDT[128] : NtOpenThread @ 0x805CB6E2 -> HOOKED (Unknown @ 0x8888D800)
SSDT[137] : NtProtectVirtualMemory @ 0x805B8426 -> HOOKED (Unknown @ 0x8888DFD0)
SSDT[180] : NtQueueApcThread @ 0x805D2756 -> HOOKED (Unknown @ 0x8888E0E0)
SSDT[213] : NtSetContextThread @ 0x805D2C1A -> HOOKED (Unknown @ 0x8888DEC0)
SSDT[229] : NtSetInformationThread @ 0x805CC124 -> HOOKED (Unknown @ 0x8888DD90)
SSDT[237] : NtSetSecurityObject @ 0x805C0636 -> HOOKED (Unknown @ 0x8888ADA0)
SSDT[253] : NtSuspendProcess @ 0x805D4AE0 -> HOOKED (Unknown @ 0x8888DB90)
SSDT[254] : NtSuspendThread @ 0x805D4952 -> HOOKED (Unknown @ 0x8888DA80)
SSDT[257] : NtTerminateProcess @ 0x805D22D8 -> HOOKED (Unknown @ 0x8888D6E0)
SSDT[258] : NtTerminateThread @ 0x805D24D2 -> HOOKED (Unknown @ 0x8888DA50)
SSDT[277] : NtWriteVirtualMemory @ 0x805B43D4 -> HOOKED (Unknown @ 0x8888E6D0)

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200BEVT-22ZCT0 +++++
--- User ---
[MBR] 7277b69af372267f1038fd4f3e03bada
[BSP] 132a22339bc1cd5f4f413b3c881a7097 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 49999 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 102398310 | Size: 255235 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[3]_D_04142013_02d1030.txt >>
RKreport[1]_S_04142013_02d1014.txt ; RKreport[2]_S_04142013_02d1030.txt ; RKreport[3]_D_04142013_02d1030.txt





10:33:28.0953 1772 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
10:33:29.0125 1772 ============================================================
10:33:29.0125 1772 Current date / time: 2013/04/14 10:33:29.0125
10:33:29.0125 1772 SystemInfo:
10:33:29.0125 1772
10:33:29.0125 1772 OS Version: 5.1.2600 ServicePack: 3.0
10:33:29.0125 1772 Product type: Workstation
10:33:29.0125 1772 ComputerName: LUCAS
10:33:29.0125 1772 UserName: LuCas
10:33:29.0125 1772 Windows directory: C:\WINDOWS
10:33:29.0125 1772 System windows directory: C:\WINDOWS
10:33:29.0125 1772 Processor architecture: Intel x86
10:33:29.0125 1772 Number of processors: 2
10:33:29.0125 1772 Page size: 0x1000
10:33:29.0125 1772 Boot type: Normal boot
10:33:29.0125 1772 ============================================================
10:33:31.0390 1772 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:33:31.0390 1772 ============================================================
10:33:31.0390 1772 \Device\Harddisk0\DR0:
10:33:31.0390 1772 MBR partitions:
10:33:31.0390 1772 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927
10:33:31.0406 1772 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x61A79A5, BlocksNum 0x1F281E5B
10:33:31.0406 1772 ============================================================
10:33:31.0437 1772 C: <-> \Device\Harddisk0\DR0\Partition1
10:33:31.0500 1772 D: <-> \Device\Harddisk0\DR0\Partition2
10:33:31.0500 1772 ============================================================
10:33:31.0500 1772 Initialize success
10:33:31.0500 1772 ============================================================
10:33:37.0265 3980 ============================================================
10:33:37.0265 3980 Scan started
10:33:37.0265 3980 Mode: Manual;
10:33:37.0265 3980 ============================================================
10:33:38.0203 3980 ================ Scan system memory ========================
10:33:38.0203 3980 System memory - ok
10:33:38.0203 3980 ================ Scan services =============================
10:33:54.0109 3980 rpcapd - ok
10:33:54.0156 3980 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
10:33:54.0156 3980 RpcLocator - ok
10:33:54.0187 3980 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\System32\rpcss.dll
10:33:54.0203 3980 RpcSs - ok
10:33:54.0250 3980 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
10:33:54.0250 3980 RSVP - ok
10:33:54.0296 3980 [ 55CCC8CED5778556F6B516B3858AC970 ] S24EventMonitor C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
10:33:54.0312 3980 S24EventMonitor - ok
10:33:54.0343 3980 [ 96B4494D4734970F47C566E098C4F527 ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys
10:33:54.0343 3980 s24trans - ok
10:33:54.0375 3980 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
10:33:54.0375 3980 SamSs - ok
10:33:54.0437 3980 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
10:33:54.0453 3980 SCardSvr - ok
10:33:54.0484 3980 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
10:33:54.0500 3980 Schedule - ok
10:33:54.0546 3980 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
10:33:54.0593 3980 sdbus - ok
10:33:54.0640 3980 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:33:54.0656 3980 Secdrv - ok
10:33:54.0703 3980 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
10:33:54.0703 3980 seclogon - ok
10:33:54.0734 3980 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
10:33:54.0734 3980 SENS - ok
10:33:54.0781 3980 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
10:33:54.0812 3980 Serial - ok
10:33:54.0906 3980 [ C15B813F2FDB44F87F23312472C6E790 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
10:33:54.0906 3980 ServiceLayer - ok
10:33:55.0046 3980 [ 4C0D673281178CB496011A2E28571FC8 ] sfdrv01 C:\WINDOWS\system32\drivers\sfdrv01.sys
10:33:55.0062 3980 sfdrv01 - ok
10:33:55.0093 3980 [ 0FA803C64DF0914B41F807EA276BF2A6 ] sffdisk C:\WINDOWS\system32\DRIVERS\sffdisk.sys
10:33:55.0109 3980 sffdisk - ok
10:33:55.0140 3980 [ C17C331E435ED8737525C86A7557B3AC ] sffp_sd C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
10:33:55.0156 3980 sffp_sd - ok
10:33:55.0187 3980 [ 15BE2B5E4DC5B8623CF167720682ABC9 ] sfhlp02 C:\WINDOWS\system32\drivers\sfhlp02.sys
10:33:55.0218 3980 sfhlp02 - ok
10:33:55.0234 3980 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
10:33:55.0250 3980 Sfloppy - ok
10:33:55.0281 3980 [ EFEBBC1D13FDB77A6AF4EDDFC7232EDF ] sfsync02 C:\WINDOWS\system32\drivers\sfsync02.sys
10:33:55.0312 3980 sfsync02 - ok
10:33:55.0328 3980 [ 9EF50060CC7E6953BAB83F2A42CCC421 ] sfvfs02 C:\WINDOWS\system32\drivers\sfvfs02.sys
10:33:55.0359 3980 sfvfs02 - ok
10:33:55.0406 3980 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
10:33:55.0406 3980 SharedAccess - ok
10:33:55.0437 3980 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:33:55.0437 3980 ShellHWDetection - ok
10:33:55.0468 3980 Simbad - ok
10:33:55.0546 3980 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
10:33:55.0562 3980 SkypeUpdate - ok
10:33:55.0609 3980 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
10:33:55.0625 3980 SLIP - ok
10:33:55.0671 3980 [ 14BB60A4F1C5291217A05D5728C403E6 ] SmartDefragDriver C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
10:33:55.0671 3980 SmartDefragDriver - ok
10:33:55.0781 3980 [ EB746A37CC2F565C703819166AD9C08E ] SNP2UVC C:\WINDOWS\system32\DRIVERS\snp2uvc.sys
10:33:55.0812 3980 SNP2UVC - ok
10:33:55.0828 3980 Sparrow - ok
10:33:55.0859 3980 [ 5D6401DB90EC81B71F8E2C5C8F0FEF23 ] speedfan C:\WINDOWS\system32\speedfan.sys
10:33:55.0890 3980 speedfan - ok
10:33:55.0906 3980 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
10:33:55.0921 3980 splitter - ok
10:33:55.0968 3980 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
10:33:55.0968 3980 Spooler - ok
10:33:56.0062 3980 [ 71E276F6D189413266EA22171806597B ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
10:33:56.0062 3980 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 71E276F6D189413266EA22171806597B
10:33:56.0062 3980 sptd ( LockedFile.Multi.Generic ) - warning
10:33:56.0062 3980 sptd - detected LockedFile.Multi.Generic (1)
10:33:56.0109 3980 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
10:33:56.0125 3980 sr - ok
10:33:56.0203 3980 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
10:33:56.0203 3980 srservice - ok
10:33:56.0234 3980 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
10:33:56.0265 3980 Srv - ok
10:33:56.0296 3980 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
10:33:56.0312 3980 SSDPSRV - ok
10:33:56.0359 3980 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
10:33:56.0375 3980 stisvc - ok
10:33:56.0406 3980 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
10:33:56.0437 3980 streamip - ok
10:33:56.0468 3980 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
10:33:56.0484 3980 swenum - ok
10:33:56.0515 3980 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
10:33:56.0546 3980 swmidi - ok
10:33:56.0562 3980 SwPrv - ok
10:33:56.0609 3980 symc810 - ok
10:33:56.0640 3980 symc8xx - ok
10:33:56.0671 3980 sym_hi - ok
10:33:56.0718 3980 sym_u3 - ok
10:33:56.0828 3980 [ CC5DA243CFDAC58FC0408F7CE24084C5 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
10:33:56.0843 3980 SynTP - ok
10:33:56.0875 3980 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
10:33:56.0875 3980 sysaudio - ok
10:33:56.0921 3980 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
10:33:56.0921 3980 SysmonLog - ok
10:33:56.0984 3980 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
10:33:56.0984 3980 TapiSrv - ok
10:33:57.0015 3980 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:33:57.0031 3980 Tcpip - ok
10:33:57.0078 3980 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
10:33:57.0109 3980 TDPIPE - ok
10:33:57.0140 3980 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
10:33:57.0156 3980 TDTCP - ok
10:33:57.0187 3980 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
10:33:57.0234 3980 TermDD - ok
10:33:57.0281 3980 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
10:33:57.0296 3980 TermService - ok
10:33:57.0328 3980 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
10:33:57.0328 3980 Themes - ok
10:33:57.0375 3980 [ C424F991494E5674F2E9B3CF9F5F55D1 ] tifm21 C:\WINDOWS\system32\drivers\tifm21.sys
10:33:57.0406 3980 tifm21 - ok
10:33:57.0468 3980 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
10:33:57.0468 3980 TlntSvr - ok
10:33:57.0484 3980 TosIde - ok
10:33:57.0562 3980 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
10:33:57.0562 3980 TrkWks - ok
10:33:57.0687 3980 [ 86CD728FB5F6A409112662E1596D987B ] TuneUp.UtilitiesSvc C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
10:33:57.0703 3980 TuneUp.UtilitiesSvc - ok
10:33:57.0734 3980 [ F2107C9D85EC0DF116939CCCE06AE697 ] TuneUpUtilitiesDrv C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys
10:33:57.0750 3980 TuneUpUtilitiesDrv - ok
10:33:57.0796 3980 [ 97DD70FECA64FB4F63DE7BB7E66A80B1 ] tvicport C:\WINDOWS\system32\drivers\tvicport.sys
10:33:57.0796 3980 tvicport - ok
10:33:57.0812 3980 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
10:33:57.0843 3980 Udfs - ok
10:33:57.0890 3980 [ 7020C64A20709B39CBE4A1CF371A9CD5 ] UIUSys C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS
10:33:57.0890 3980 UIUSys - ok
10:33:57.0906 3980 ultra - ok
10:33:57.0968 3980 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
10:33:58.0000 3980 Update - ok
10:33:58.0062 3980 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
10:33:58.0078 3980 upnphost - ok
10:33:58.0093 3980 [ 47F5F9D837D80FFD5882A14DB9DA0A67 ] upperdev C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
10:33:58.0109 3980 upperdev - ok
10:33:58.0140 3980 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
10:33:58.0156 3980 UPS - ok
10:33:58.0203 3980 [ CB41CD653916362CA5ECD242382A156E ] UrlFilter C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys
10:33:58.0218 3980 UrlFilter - ok
10:33:58.0281 3980 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:33:58.0296 3980 usbccgp - ok
10:33:58.0312 3980 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:33:58.0343 3980 usbehci - ok
10:33:58.0359 3980 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:33:58.0375 3980 usbhub - ok
10:33:58.0421 3980 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:33:58.0437 3980 usbscan - ok
10:33:58.0484 3980 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\drivers\usbser.sys
10:33:58.0500 3980 usbser - ok
10:33:58.0531 3980 [ E44F0D17BE0908B58DCC99CCB99C6C32 ] UsbserFilt C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
10:33:58.0531 3980 UsbserFilt - ok
10:33:58.0578 3980 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:33:58.0593 3980 USBSTOR - ok
10:33:58.0609 3980 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:33:58.0640 3980 usbuhci - ok
10:33:58.0671 3980 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
10:33:58.0671 3980 usbvideo - ok
10:33:58.0718 3980 [ DE2C51E244E543ED4C649052BA66DC0D ] UxTuneUp C:\WINDOWS\System32\uxtuneup.dll
10:33:58.0718 3980 UxTuneUp - ok
10:33:58.0750 3980 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
10:33:58.0765 3980 VgaSave - ok
10:33:58.0781 3980 ViaIde - ok
10:33:58.0828 3980 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
10:33:58.0859 3980 VolSnap - ok
10:33:58.0906 3980 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
10:33:58.0906 3980 VSS - ok
10:33:58.0968 3980 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
10:33:58.0968 3980 W32Time - ok
10:33:59.0000 3980 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:33:59.0031 3980 Wanarp - ok
10:33:59.0078 3980 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
10:33:59.0078 3980 Wdf01000 - ok
10:33:59.0093 3980 WDICA - ok
10:33:59.0140 3980 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
10:33:59.0156 3980 wdmaud - ok
10:33:59.0203 3980 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
10:33:59.0203 3980 WebClient - ok
10:33:59.0250 3980 [ 97D0D27A87622154BC90B92D84FD91B5 ] whfltr2k C:\WINDOWS\system32\DRIVERS\whfltr2k.sys
10:33:59.0265 3980 whfltr2k - ok
10:33:59.0312 3980 [ AFCEA7939925378F867DDE6AF76F3924 ] WIBUKEY C:\WINDOWS\system32\DRIVERS\WibuKey.sys
10:33:59.0343 3980 WIBUKEY - ok
10:33:59.0406 3980 [ 37E020574E953D3A4FE926CA06BB53A6 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
10:33:59.0421 3980 winachsf - ok
10:33:59.0531 3980 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
10:33:59.0531 3980 winmgmt - ok
10:33:59.0609 3980 [ 4D34CEDD74BDBF2B6A935EAE3BF80543 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
10:33:59.0656 3980 WinRM - ok
10:33:59.0750 3980 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
10:33:59.0750 3980 WmdmPmSN - ok
10:33:59.0796 3980 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
10:33:59.0812 3980 Wmi - ok
10:33:59.0843 3980 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
10:33:59.0859 3980 WmiAcpi - ok
10:33:59.0890 3980 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
10:33:59.0890 3980 WmiApSrv - ok
10:33:59.0937 3980 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
10:33:59.0937 3980 WpdUsb - ok
10:34:00.0046 3980 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:34:00.0062 3980 WPFFontCache_v0400 - ok
10:34:00.0093 3980 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
10:34:00.0109 3980 WS2IFSL - ok
10:34:00.0156 3980 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
10:34:00.0156 3980 wscsvc - ok
10:34:00.0187 3980 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
10:34:00.0203 3980 WSTCODEC - ok
10:34:00.0250 3980 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
10:34:00.0250 3980 wuauserv - ok
10:34:00.0312 3980 [ EAA6324F51214D2F6718977EC9CE0DEF ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
10:34:00.0328 3980 WudfPf - ok
10:34:00.0359 3980 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
10:34:00.0359 3980 WudfRd - ok
10:34:00.0390 3980 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
10:34:00.0390 3980 WudfSvc - ok
10:34:00.0437 3980 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
10:34:00.0453 3980 WZCSVC - ok
10:34:00.0484 3980 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
10:34:00.0500 3980 xmlprov - ok
10:34:00.0531 3980 [ 40AC8590CC9006DBB99FFCB37879D4C6 ] zntport C:\WINDOWS\system32\drivers\zntport.sys
10:34:00.0562 3980 zntport - ok
10:34:00.0656 3980 ================ Scan global ===============================
10:34:00.0750 3980 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
10:34:00.0796 3980 [ 4F1340B27E7590D3E42541769ABD5872 ] C:\WINDOWS\system32\winsrv.dll
10:34:00.0796 3980 [ 4F1340B27E7590D3E42541769ABD5872 ] C:\WINDOWS\system32\winsrv.dll
10:34:00.0828 3980 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
10:34:00.0828 3980 [Global] - ok
10:34:00.0828 3980 ================ Scan MBR ==================================
10:34:00.0875 3980 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
10:34:01.0078 3980 \Device\Harddisk0\DR0 - ok
10:34:01.0078 3980 ================ Scan VBR ==================================
10:34:01.0093 3980 [ 236A16B59128675CEAF69502F52751EC ] \Device\Harddisk0\DR0\Partition1
10:34:01.0093 3980 \Device\Harddisk0\DR0\Partition1 - ok
10:34:01.0171 3980 [ AD49654A0260F7AF5F01203E8F2D4F9A ] \Device\Harddisk0\DR0\Partition2
10:34:01.0171 3980 \Device\Harddisk0\DR0\Partition2 - ok
10:34:01.0171 3980 ============================================================
10:34:01.0171 3980 Scan finished
10:34:01.0171 3980 ============================================================
10:34:01.0234 3188 Detected object count: 1
10:34:01.0234 3188 Actual detected object count: 1
10:34:08.0437 3188 sptd ( LockedFile.Multi.Generic ) - skipped by user
10:34:08.0437 3188 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
10:34:13.0156 2288 Deinitialize success

Re: Requesting a check

Posted: 14 Apr 2013 11:09
by LuCasXXXX
ComboFix 13-04-12.02 - LuCas 14.04.2013 10:45:30.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1214 [GMT 2:00]
Spuštěný z: c:\documents and settings\LuCas\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\LuCas\WINDOWS
c:\windows\IsUn0405.exe
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\_000005_.tmp.dll
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\AegisI5Installer.exe
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
D:\install.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NPF
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-14 do 2013-04-14 )))))))))))))))))))))))))))))))
.
.
2013-04-14 08:42 . 2013-04-14 08:42 -------- d-----w- c:\documents and settings\All Users\Oblíbené položky
2013-04-13 09:32 . 2013-04-13 09:32 388096 ----a-r- c:\documents and settings\LuCas\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-03-28 21:03 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-17 21:23 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
2013-03-17 21:23 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023.sys
2013-03-16 16:47 . 2013-03-16 16:47 -------- d-----w- c:\documents and settings\LuCas\Local Settings\Data aplikací\GHISLER
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-13 14:44 . 2012-04-02 14:13 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-04-13 14:44 . 2011-05-17 06:13 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-12 20:39 . 2013-02-09 21:40 16486616 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-03-08 16:41 . 2013-03-08 16:41 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-08 16:41 . 2009-01-10 08:57 143872 ----a-w- c:\windows\system32\javacpl.cpl
2013-03-08 16:41 . 2012-06-16 11:41 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-03-08 16:41 . 2010-05-06 08:48 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-12 00:32 . 2009-06-19 16:52 12928 ------w- c:\windows\system32\drivers\usb8023x.sys
2013-02-12 00:32 . 2004-08-18 12:00 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-02-06 10:55 . 2004-08-18 12:00 668160 ----a-w- c:\windows\system32\wininet.dll
2013-02-06 10:55 . 2004-08-18 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx
2013-02-06 10:55 . 2004-08-18 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2013-02-06 10:50 . 2004-08-18 12:00 370176 ----a-w- c:\windows\system32\html.iec
2013-01-26 03:55 . 2004-08-18 12:00 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-15 17:49 . 2012-01-18 20:39 23360 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2013-04-12 14:05 . 2013-04-12 14:04 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-14 . 13E794E5591776CBC71055A7B3CC1D5F . 976384 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 13E794E5591776CBC71055A7B3CC1D5F . 976384 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2004-08-18 . 4D32D7FFC2F583FE21EF0A4F99EABB12 . 974848 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe
.
[-] 2008-04-14 . ED69B3B6CD23D1D00815D5F70D517E01 . 225792 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[-] 2008-04-14 . ED69B3B6CD23D1D00815D5F70D517E01 . 225792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe
[-] 2004-08-18 . CA44503D05AF695538944E06A5CC5D77 . 225792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regedit.exe
.
[-] 2008-04-14 . D008D88ED7D047B78A504986DF5647EE . 832512 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\iexplore.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"RTHDCPL"="RTHDCPL.EXE" [2007-05-28 16132608]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-11 53248]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2008-06-02 102400]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-06-02 858632]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2007-07-04 475136]
"Boot"="c:\acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 579584]
"IntelZeroConfig"="c:\program files\Intel\WiFi\bin\ZCfgSvc.exe" [2009-02-27 1368064]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2009-02-27 1202448]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-11-16 2054360]
"PLFSetL"="c:\windows\PLFSetL.exe" [2011-01-13 99712]
"snp2uvc"="c:\windows\system32\csnp2uvc.dll" [2011-01-13 202112]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\LuCas\Nabídka Start\Programy\Po spuštění\
RocketDock.lnk - d:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-19 630784]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\acaptuser32.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="d:\program files\QuickTime\qttask.exe" -atboottime
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"Bonus.SSR.FR10"="d:\program files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe" /autorun
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"d:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\KN_StrongDC\\StrongDC.exe"=
"d:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutLauncher.exe"=
"d:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutConfigTool.exe"=
"d:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutParadise.exe"=
"c:\\Acer\\Empowering Technology\\Acer.Empowering.Framework.Launcher.exe"=
"d:\\Program Files\\Graphisoft\\ArchiCAD 12\\ArchiCAD.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\Program Files\\ICQ6.5\\ICQ.exe"=
"d:\\Program Files\\QIP\\qip.exe"=
"d:\\Program Files\\EA SPORTS\\FIFA 07\\fifa07.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\monitor.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\manager.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\server.exe"=
"c:\\Program Files\\Autodesk\\3ds Max 2009\\3dsmax.exe"=
"d:\\Program Files\\SecondLife\\SLVoice.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"d:\\Program Files\\Phoenix Viewer\\SLVoice.exe"=
"d:\\Program Files\\Electronic Arts\\Red Alert 3\\Data\\ra3_1.4.game"=
"c:\\Program Files\\Chaos Group\\V-Ray\\RT for 3ds Max 2009 for x86\\bin\\vray.exe"=
"d:\\Program Files\\Codemasters\\F1 2010\\F1_2010_game.exe"=
"d:\\Program Files\\Atari\\Test Drive Unlimited\\TestDriveUnlimited.exe"=
"c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [8.2.2013 22:13 14776]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27.9.2008 12:00 717296]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [16.11.2009 10:03 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [16.11.2009 10:06 96408]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [4.11.2012 20:40 465216]
R2 ekrn;ESET Service;c:\program files\Eset\ESET NOD32 Antivirus\ekrn.exe [16.11.2009 10:04 735960]
R2 IDA NEXIS License;IDA NEXIS License;d:\nexis32\License\lmgrd.exe [22.10.2008 16:20 195584]
R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [8.2.2013 22:13 821592]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [29.11.2012 21:31 38608]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [14.12.2011 13:47 1514304]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [28.3.2013 23:03 22856]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [31.10.2011 16:00 10064]
R3 whfltr2k;WheelMouse USB Lower Filter Driver;c:\windows\system32\drivers\whfltr2k.sys [10.2.2013 23:00 6784]
S2 MBAMService;MBAMService;d:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [28.3.2013 23:03 701512]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [18.8.2004 14:00 3584]
S3 cpuz136;cpuz136;\??\c:\windows\TEMP\cpuz136\cpuz136_x32.sys --> c:\windows\TEMP\cpuz136\cpuz136_x32.sys [?]
S3 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [8.2.2013 22:13 246816]
S3 NETwLx32; Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows XP 32 Bit;c:\windows\system32\drivers\NETwLx32.sys [10.2.2013 22:57 6607744]
S3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys [8.2.2013 22:13 30408]
S3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys [8.2.2013 22:13 16248]
S4 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [29.9.2009 18:18 809736]
S4 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [28.3.2011 15:41 1242504]
S4 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit;c:\program files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe [10.3.2008 1:04 65536]
S4 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [9.11.2012 12:21 160944]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 14:44]
.
2013-03-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
2013-03-14 c:\windows\Tasks\Game_Booster_AutoUpdate.job
- c:\program files\IObit\Game Booster\AutoUpdate.exe [2011-07-01 15:57]
.
2013-04-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-10-28 10:36]
.
2013-04-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-10-28 10:36]
.
2013-04-13 c:\windows\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1454471165-412668190-725345543-1003.job
- c:\program files\RealNetworks\RealDownloader\recordingmanager.exe [2012-11-29 19:33]
.
2013-04-13 c:\windows\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1454471165-412668190-725345543-1003.job
- c:\program files\RealNetworks\RealDownloader\realupgrade.exe [2012-11-29 19:31]
.
2013-04-13 c:\windows\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1454471165-412668190-725345543-1003.job
- c:\program files\RealNetworks\RealDownloader\realupgrade.exe [2012-11-29 19:31]
.
2013-04-13 c:\windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1454471165-412668190-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-11-30 14:30]
.
2013-04-13 c:\windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1454471165-412668190-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-11-30 14:30]
.
2013-04-13 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1454471165-412668190-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-11-30 14:30]
.
2013-04-13 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1454471165-412668190-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-11-30 14:30]
.
2010-07-31 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2007-08-02 15:17]
.
2010-07-31 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2007-08-02 15:17]
.
2013-03-14 c:\windows\Tasks\SmartDefragUpdate.job
- c:\program files\IObit\Smart Defrag 2\AutoUpdate.exe [2013-02-08 10:06]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Append to existing PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
TCP: Interfaces\{8E60D919-A187-4B7B-95B2-B85DDBE5825C}: NameServer = 217.31.204.130,193.29.206.206
FF - ProfilePath - c:\documents and settings\LuCas\Data aplikací\Mozilla\Firefox\Profiles\3fto5h9e.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
SafeBoot-SolutoService
AddRemove-NEXIS32 3.60.15 - c:\windows\IsUn0405.exe
AddRemove-TNod - c:\program files\ESET\TNod User & Password Finder\uninst-TNod.exe
AddRemove-V-Ray for 3dsmax 2009 for x86 - c:\program files\Chaos Group\V-Ray\3dsmax 2009 for x86\uninstall\wininstaller.exe-uninstall=c:\program files\Chaos Group\V-Ray\3dsmax 2009 for x86\uninstall\install.log
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-04-14 10:59
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1454471165-412668190-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:45,92,6e,2d,4d,3c,7f,e0,d4,b8,a2,fa,08,5f,5a,37,26,5c,eb,1c,81,b9,53,
17,73,d4,a1,84,ce,42,62,7a,e1,fc,7e,be,84,da,b9,a0,ff,cc,5d,ed,b4,3e,2f,ae,\
"??"=hex:6d,8c,b7,91,23,80,dd,55,72,ff,58,3e,f0,1c,80,8c
.
[HKEY_USERS\S-1-5-21-1454471165-412668190-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:94,5a,4b,09,31,35,f5,56,98,2d,4a,08,44,39,94,31,42,af,63,50,c3,
f1,32,55,3a,d3,4d,0b,17,e2,2c,dd,b3,53,8a,01,e5,d0,0a,20,a1,0c,90,a8,98,bf,\
"rkeysecu"=hex:b6,53,81,da,52,d0,58,a6,35,8f,1f,86,3c,cd,af,3c
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1192)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\windows\system32\netprovcredman.dll
.
- - - - - - - > 'explorer.exe'(3880)
d:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
c:\windows\system32\AcSignIcon.dll
c:\program files\Common Files\Autodesk Shared\AcSignCore16.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Intel\WiFi\bin\S24EvMon.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Java\jre7\bin\jqs.exe
d:\nexis32\License\scia.exe
c:\windows\RTHDCPL.EXE
d:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files\Synaptics\SynTP\SynTPEnh.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
c:\acer\Empowering Technology\eLock\Service\eLockServ.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wscntfy.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Celkový čas: 2013-04-14 11:05:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-04-14 09:05
.
Před spuštěním: Volných bajtů: 14 168 350 720
Po spuštění: Volných bajtů: 13 949 673 472
.
- - End Of File - - 5AF6A422B30020ACC710BE201400B50E

Re: Requesting a check

Posted: 14 Apr 2013 11:14
by jaro3
Run RogueKiller again.
If you are using Windows Vista or Windows 7, right-click RogueKiller and choose Run as administrator.
Then click Fix DNS (Oprava DNS) and then Report (Zpráva). A log will open; paste it here.

ComboFix is uninstalled like this:
Start > Run and type ComboFix /Uninstall

Clean the system with CCleaner.

Download OTC to your desktop. Double-click it. Then click Clean up!.
Restart the PC if you are prompted to.

Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message appears offering to download the Avast database, click No. Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.

Re: Requesting a check

Posted: 14 Apr 2013 15:25
by LuCasXXXX
Something deleted RogueKiller on me, together with the log I was supposed to post after deleting the DNS. Here is a new log, but I assume this one is useless by now.

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : LuCas [Práva správce]
Mód : Oprava DNS -- Datum : 04/14/2013 15:19:44
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

Dokončeno : << RKreport[1]_DN_04142013_02d1519.txt >>
RKreport[1]_DN_04142013_02d1519.txt






aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-14 15:20:28
-----------------------------
15:20:28.359 OS Version: Windows 5.1.2600 Service Pack 3
15:20:28.359 Number of processors: 2 586 0xF0B
15:20:28.359 ComputerName: LUCAS UserName: LuCas
15:20:28.812 Initialize success
15:20:39.593 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e
15:20:39.593 Disk 0 Vendor: WDC_WD3200BEVT-22ZCT0 11.01A11 Size: 305245MB BusType: 3
15:20:39.734 Disk 0 MBR read successfully
15:20:39.750 Disk 0 MBR scan
15:20:39.750 Disk 0 Windows XP default MBR code
15:20:39.750 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 49999 MB offset 63
15:20:39.750 Disk 0 Partition - 00 0F Extended LBA 255235 MB offset 102398310
15:20:39.765 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 255235 MB offset 102398373
15:20:39.765 Disk 0 scanning sectors +625121280
15:20:39.843 Disk 0 scanning C:\WINDOWS\system32\drivers
15:20:53.937 Service scanning
15:21:06.515 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
15:21:10.328 Modules scanning
15:21:36.343 Disk 0 trace - called modules:
15:21:36.421 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll sfsync02.sys atapi.sys spej.sys >>UNKNOWN [0x8a6fc938]<<
15:21:36.437 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a68eab8]
15:21:36.453 3 CLASSPNP.SYS[ba118fd7] -> nt!IofCallDriver -> \Device\0000009f[0x8a629358]
15:21:36.453 5 ACPI.sys[b9e67620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-e[0x8a5e6d98]
15:21:36.468 \Driver\atapi[0x8a640b10] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> sfsync02.sys[0xba0e98b4]
15:21:36.468 Scan finished successfully
15:21:53.218 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\LuCas\Plocha\MBR.dat"
15:21:53.218 The log file has been saved successfully to "C:\Documents and Settings\LuCas\Plocha\aswMBR.txt"

Re: Requesting a check

Posted: 15 Apr 2013 10:31
by jaro3
It's OK.

What about the problems?

Re: Requesting a check

Posted: 15 Apr 2013 15:58
by LuCasXXXX
That's just it, still no. Should I do anything in this little program (aswMBR) other than just the log?