Prosím o kontrolo logu

guest · Příspěvekod **guest** » 15 pro 2013 19:20

Asi před týdnem jsem si stahoval jakýsi program na kontrolu LCD monitorů, ale byla to zlá stránka, kde to začalo stahovat spoustu zlých věci. Nedalo se to ani zastavit. Zastavil jsem prohlížeč přes Správce úloh a i to se bránilo asi 3 minuty.
Necelou stovku vetřelců jsem odstranil sám, aale na dočištění potřebuji odborníky.

MbAm bez nálezu!

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:16:04, on 15.12.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe
C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Timer Wizard\Timer Wizard.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre7\bin\jqs.exe
c:\Program Files\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe
c:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\mgabg.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Matrox PowerDesk SE] "c:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe"
O4 - HKLM\..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\67422d3d-0892-4c07-a1b3-e6fe6cee82d3.exe /check
O4 - HKLM\..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office Outlook 2003.lnk = ?
O4 - Global Startup: Timer Wizard.lnk = C:\Program Files\Timer Wizard\Timer Wizard.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\Microsoft Office\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 2848935025
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: GSService - Unknown owner - C:\WINDOWS\system32\GSService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Matrox Centering Service - Matrox Graphics Inc. - c:\Program Files\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe
O23 - Service: Matrox.Pdesk.ServicesHost - Matrox Graphics Inc - c:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe
O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINDOWS\system32\mgabg.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

--
End of file - 7660 bytes

Reklama

Příspěvekod **jaro3** » 16 pro 2013 09:42

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode)

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

guest · Příspěvekod **guest** » 16 pro 2013 12:57

Provedeno.

AdwCleaner:
# AdwCleaner v3.007 - Report created 16/12/2013 at 12:52:46
# Updated 09/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Administrator - DELL-E594CDFDDA
# Running from : C:\Documents and Settings\Administrator\Plocha\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v

[ File : C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\i4ftlo3y.default\prefs.js ]

-\\ Google Chrome v

[ File : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R4].txt - [1224 octets] - [16/12/2013 12:52:46]

########## EOF - C:\AdwCleaner\AdwCleaner[R4].txt - [1284 octets] ##########

MbAm:

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Verze databáze: v2013.12.16.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: DELL-E594CDFDDA [administrátor]

16.12.2013 13:14:15
mbam-log-2013-12-16 (13-14-15).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 214941
Uplynulý čas: 10 minut, 12 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Příspěvekod **Orcus** » 16 pro 2013 18:42

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Delete“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

====================================================

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

====================================================

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

guest · Příspěvekod **guest** » 16 pro 2013 19:44

AdwCleaner:
# AdwCleaner v3.007 - Report created 16/12/2013 at 19:38:30
# Updated 09/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Administrator - DELL-E594CDFDDA
# Running from : C:\Documents and Settings\Administrator\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v

[ File : C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\i4ftlo3y.default\prefs.js ]

-\\ Google Chrome v

[ File : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R4].txt - [1364 octets] - [16/12/2013 12:52:46]
AdwCleaner[R5].txt - [1424 octets] - [16/12/2013 19:36:49]
AdwCleaner[S2].txt - [1353 octets] - [16/12/2013 19:38:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1413 octets] ##########

TDSSKiller:
19:50:41.0734 0x0c8c TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
19:50:51.0312 0x0c8c ============================================================
19:50:51.0312 0x0c8c Current date / time: 2013/12/16 19:50:51.0312
19:50:51.0312 0x0c8c SystemInfo:
19:50:51.0312 0x0c8c
19:50:51.0312 0x0c8c OS Version: 5.1.2600 ServicePack: 3.0
19:50:51.0312 0x0c8c Product type: Workstation
19:50:51.0312 0x0c8c ComputerName: DELL-E594CDFDDA
19:50:51.0312 0x0c8c UserName: Administrator
19:50:51.0312 0x0c8c Windows directory: C:\WINDOWS
19:50:51.0312 0x0c8c System windows directory: C:\WINDOWS
19:50:51.0312 0x0c8c Processor architecture: Intel x86
19:50:51.0312 0x0c8c Number of processors: 1
19:50:51.0312 0x0c8c Page size: 0x1000
19:50:51.0312 0x0c8c Boot type: Normal boot
19:50:51.0312 0x0c8c ============================================================
19:50:53.0796 0x0c8c KLMD registered as C:\WINDOWS\system32\drivers\15268826.sys
19:50:54.0218 0x0c8c System UUID: {5B2A4288-3584-A2C7-54D8-D39CA5FDC19E}
19:50:55.0578 0x0c8c Drive \Device\Harddisk0\DR0 - Size: 0x2658AE0000 (153.39 Gb), SectorSize: 0x200, Cylinders: 0x4E37, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:50:55.0578 0x0c8c Drive \Device\Harddisk1\DR1 - Size: 0x9516AE000 (37.27 Gb), SectorSize: 0x200, Cylinders: 0x1301, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:50:55.0593 0x0c8c ============================================================
19:50:55.0593 0x0c8c \Device\Harddisk0\DR0:
19:50:55.0593 0x0c8c MBR partitions:
19:50:55.0593 0x0c8c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x132C0A77
19:50:55.0593 0x0c8c \Device\Harddisk1\DR1:
19:50:55.0593 0x0c8c MBR partitions:
19:50:55.0593 0x0c8c \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A89182
19:50:55.0593 0x0c8c ============================================================
19:50:55.0609 0x0c8c C: <-> \Device\Harddisk0\DR0\Partition1
19:50:55.0640 0x0c8c D: <-> \Device\Harddisk1\DR1\Partition1
19:50:55.0640 0x0c8c ============================================================
19:50:55.0640 0x0c8c Initialize success
19:50:55.0656 0x0c8c ============================================================
19:51:04.0718 0x0cec ============================================================
19:51:04.0718 0x0cec Scan started
19:51:04.0718 0x0cec Mode: Manual;
19:51:04.0718 0x0cec ============================================================
19:51:04.0718 0x0cec KSN ping started
19:51:07.0171 0x0cec KSN ping finished: true
19:51:07.0343 0x0cec ================ Scan system memory ========================
19:51:07.0359 0x0cec System memory - ok
19:51:07.0375 0x0cec ================ Scan services =============================
19:51:07.0500 0x0cec Abiosdsk - ok
19:51:07.0515 0x0cec abp480n5 - ok
19:51:07.0562 0x0cec [ 4FE34F1F3126B61FCC6B2043AA8112C9, DE370865E47A5D2A4B227EEFFB42384F67F08D622BF936A9C9CEF70CC47F324B ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:51:07.0578 0x0cec ACPI - ok
19:51:07.0703 0x0cec [ AFDFF022A01F0B11C776F0860C3B282F, 135E5257B62D921B76271014301E9EA1E2383D5DBB04E475DC3A7EFFD2561F56 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
19:51:07.0703 0x0cec ACPIEC - ok
19:51:07.0812 0x0cec [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:51:07.0812 0x0cec AdobeFlashPlayerUpdateSvc - ok
19:51:07.0843 0x0cec adpu160m - ok
19:51:07.0890 0x0cec [ 11C04B17ED2ABBB4833694BCD644AC90, 4F50E672B8C1CA951EF1E01E969C73968BDB656889849859881333ECD3751A24 ] aeaudio C:\WINDOWS\system32\drivers\aeaudio.sys
19:51:07.0890 0x0cec aeaudio - ok
19:51:07.0953 0x0cec [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
19:51:07.0953 0x0cec aec - ok
19:51:08.0015 0x0cec [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
19:51:08.0031 0x0cec AFD - ok
19:51:08.0093 0x0cec [ 08FD04AA961BDC77FB983F328334E3D7, A784EC8A9EDB579262366B5A9AB177DB7BEC0A421BDE85431D0AD4959D5AF5E7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
19:51:08.0093 0x0cec agp440 - ok
19:51:08.0109 0x0cec Aha154x - ok
19:51:08.0125 0x0cec aic78u2 - ok
19:51:08.0140 0x0cec aic78xx - ok
19:51:08.0187 0x0cec [ E0A6FA244B8624D78FE5FF6F56A33BAE, 26B828FDB03AE4A4F1DC7A1792F9BAD69CF947897D47F5E567F24F4B6D5CB541 ] Alerter C:\WINDOWS\system32\alrsvc.dll
19:51:08.0187 0x0cec Alerter - ok
19:51:08.0218 0x0cec [ 88842DE939A827577BF24243699AC80A, A49C9A6A9941F3A2FBBCFE1F6DB48B632739D00670AC98ECCCBC7FD9E786B21A ] ALG C:\WINDOWS\System32\alg.exe
19:51:08.0218 0x0cec ALG - ok
19:51:08.0234 0x0cec AliIde - ok
19:51:08.0265 0x0cec amsint - ok
19:51:08.0312 0x0cec [ 6B8E7A90E576D4FE308F97C69060A171, 6CE49BC78715737D78E05DECAC23E26A5672ACD2CF3D10154FEA9D47B318D47C ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
19:51:08.0328 0x0cec AppMgmt - ok
19:51:08.0343 0x0cec asc - ok
19:51:08.0359 0x0cec asc3350p - ok
19:51:08.0375 0x0cec asc3550 - ok
19:51:08.0484 0x0cec [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
19:51:08.0515 0x0cec aspnet_state - ok
19:51:08.0562 0x0cec [ D5730129EA9ADF7AE710DA0B14F9DE19, 79DECECA6DF86D85280C41242924753302B181584E3C4E60EF0F0E8EE2672E64 ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
19:51:08.0562 0x0cec aswFsBlk - ok
19:51:08.0609 0x0cec [ 81E695913FEFD4E23360A69C0F151797, 0910A406899A6927CAA7E5D56758DE9404B98F2EDB305FB6A59D9E068BA1F4BB ] aswKbd C:\WINDOWS\system32\drivers\aswKbd.sys
19:51:08.0640 0x0cec aswKbd - ok
19:51:08.0687 0x0cec [ 6F23333C8358D267718F9ECB21CBB6F4, 647A743E9E95763B45BF2A83A30C5FD08CB085DC805B096724ACE29037AF29A1 ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
19:51:08.0687 0x0cec aswMonFlt - ok
19:51:08.0734 0x0cec [ 29CB7009F11470A24B1D49849A6118A5, 67CAF72D6DB5E10889AFDD90D004B15A3FCFF47432167C209A6DB5233206A626 ] aswRdr C:\WINDOWS\system32\drivers\aswRdr.sys
19:51:08.0734 0x0cec aswRdr - ok
19:51:08.0765 0x0cec [ F385467DF95D0A73775CB3B076B8B969, D427A5F4FB4D1DAB04AFC29E7EC510844F907ABBA053538995E65747BAD37422 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
19:51:08.0765 0x0cec aswRvrt - ok
19:51:08.0828 0x0cec [ 50C85412AD31F5C0F687F00C2E34C673, D8EBD884AD717DFC78948177A1DED1D6FD8E3E88B20847751078B553F6C5D54A ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
19:51:08.0875 0x0cec aswSnx - ok
19:51:08.0953 0x0cec [ 259E864BFB9268CD7CEFA5849A3B374B, EF1BE2581A53A6FCCE64ECE63AF2CF3D84592D472694102FD147ADE57C0F4697 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
19:51:08.0984 0x0cec aswSP - ok
19:51:09.0031 0x0cec [ 8BCD47E79EAA40C387D7B9DCEC41DE2D, FDED5A91287037DA21C5456BD67C5898FB6F063B28DD97B1E47D4AB0D9365BAD ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
19:51:09.0031 0x0cec aswTdi - ok
19:51:09.0062 0x0cec [ BADA8FD627F1D0E22308211C33F0BDB5, F88751280969B8963DCFC684C99C7CCF396B50FD0AC0F869628A009557438609 ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
19:51:09.0078 0x0cec aswVmm - ok
19:51:09.0125 0x0cec [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:51:09.0125 0x0cec AsyncMac - ok
19:51:09.0156 0x0cec [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
19:51:09.0156 0x0cec atapi - ok
19:51:09.0187 0x0cec Atdisk - ok
19:51:09.0203 0x0cec [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:51:09.0218 0x0cec Atmarpc - ok
19:51:09.0281 0x0cec [ DE31B88962A8645DBA5A37B993E7B0F1, CA93F25A3FD0CE68BB9B8E3AB6B813BF38DE3EDDFC990291B3957FAA59B2B274 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
19:51:09.0281 0x0cec AudioSrv - ok
19:51:09.0328 0x0cec [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
19:51:09.0343 0x0cec audstub - ok
19:51:09.0468 0x0cec [ 4BE7EC02133544CDE7A580875E130208, DF665024664252BB6005B80B99C091905F9B5873D58CE9FED2E66F578E372D13 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:51:09.0468 0x0cec avast! Antivirus - ok
19:51:09.0515 0x0cec [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
19:51:09.0515 0x0cec Beep - ok
19:51:09.0593 0x0cec [ 19395D092FD85DDC2D9C7729CF5A2AC8, 7640F36BA19698EE8A6257BF78A8C57DD9D734BED9CA6BB9B68603BAEA092412 ] BITS C:\WINDOWS\system32\qmgr.dll
19:51:09.0734 0x0cec BITS - ok
19:51:09.0796 0x0cec [ 89E739BBA5F636297EA5B5F811189E06, 151B32B12F5DD0D388134DA2471FE9741CF22B9C408DA58FEF8019D3C4EC836B ] Browser C:\WINDOWS\System32\browser.dll
19:51:09.0796 0x0cec Browser - ok
19:51:09.0828 0x0cec [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
19:51:09.0828 0x0cec cbidf2k - ok
19:51:09.0875 0x0cec [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
19:51:09.0875 0x0cec CCDECODE - ok
19:51:09.0906 0x0cec cd20xrnt - ok
19:51:09.0953 0x0cec [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
19:51:09.0953 0x0cec Cdaudio - ok
19:51:10.0015 0x0cec [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
19:51:10.0015 0x0cec Cdfs - ok
19:51:10.0046 0x0cec [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:51:10.0046 0x0cec Cdrom - ok
19:51:10.0093 0x0cec [ 84853B3FD012251690570E9E7E43343F, 65CACFA643E52A0C0E6B2D901228A8A0AD4993CAFA3C287E65395F4B7C521089 ] cercsr6 C:\WINDOWS\system32\drivers\cercsr6.sys
19:51:10.0093 0x0cec cercsr6 - ok
19:51:10.0125 0x0cec [ E390DC1D7C461D7D56EC53402F329928, FB37F84E71353CD83FCDDD39C898C6D84C05130C5F1BEF022E3DFDE160398C0E ] CiSvc C:\WINDOWS\system32\cisvc.exe
19:51:10.0125 0x0cec CiSvc - ok
19:51:10.0140 0x0cec [ 064507A8DFA8C5C7E2FFDDD3E6F424FA, 1725067BC759484A7185A4F1A44ED3CBE481529D187FE98EF279425B79177EB1 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
19:51:10.0140 0x0cec ClipSrv - ok
19:51:10.0171 0x0cec [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:51:10.0312 0x0cec clr_optimization_v2.0.50727_32 - ok
19:51:10.0406 0x0cec [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:51:10.0406 0x0cec clr_optimization_v4.0.30319_32 - ok
19:51:10.0796 0x0cec [ BB76C416AC9064F184A1C715179DE7A9, DC702456F2CEB7135D527A2203E036028A7BF9B4220358D48CC2195E1FFD1EE0 ] cmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
19:51:10.0968 0x0cec cmdAgent - ok
19:51:11.0046 0x0cec [ 7E7C723B64DF1E264F3909D6263E0FF9, 98757FD5B098DF6F869BF542FE05AF6C181ACD3F72F01B52ED4F6EE5E1435201 ] cmderd C:\WINDOWS\system32\DRIVERS\cmderd.sys
19:51:11.0046 0x0cec cmderd - ok
19:51:11.0093 0x0cec [ ADE6F053C0767B0DAED0C4FEBF8B62B5, 551F4812C0F9511376F4EB49303B87439D9F29718B4864CC67D7070800AC0490 ] cmdGuard C:\WINDOWS\system32\DRIVERS\cmdguard.sys
19:51:11.0125 0x0cec cmdGuard - ok
19:51:11.0140 0x0cec [ CA93B11EDA062B5D4BAB6A97FE9FECCD, A62FC4EAFE3951A3F434F03A050B59587D9D1046D477847B8FEAE8C23C9B3037 ] cmdHlp C:\WINDOWS\system32\DRIVERS\cmdhlp.sys
19:51:11.0140 0x0cec cmdHlp - ok
19:51:11.0156 0x0cec CmdIde - ok
19:51:11.0234 0x0cec [ E6E4CDA093D59D576178BF2BB272C124, 8DEB2739467D904C886483C6B5E3401D697DDCA4895023D5FB7C1E177BE3A760 ] cmdvirth C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
19:51:11.0234 0x0cec cmdvirth - ok
19:51:11.0265 0x0cec COMSysApp - ok
19:51:11.0296 0x0cec Cpqarray - ok
19:51:11.0343 0x0cec [ F3AB0933CBD166D271992F411C27CCAF, 50E01F3B058F814BE914FA5050B2D972E8584A467719A5ABCF9D9EBD596A54A7 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
19:51:11.0343 0x0cec CryptSvc - ok
19:51:11.0375 0x0cec dac2w2k - ok
19:51:11.0390 0x0cec dac960nt - ok
19:51:11.0468 0x0cec [ BE27674D1CBC3214AEC84B4336A38BBF, 3DF5F9A9E97595A61314B2731DF4F3D3C19D1B9D2291624A63B8E1861FFC2D76 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
19:51:11.0484 0x0cec DcomLaunch - ok
19:51:11.0562 0x0cec [ 8C9A53E285AC5E6704844D0459EC85BE, 9E86AF4C06CEC007C9B1590B6E056319603E4D79BED0C2471C6F1BC251B380CF ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
19:51:11.0578 0x0cec Dhcp - ok
19:51:11.0640 0x0cec [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
19:51:11.0640 0x0cec Disk - ok
19:51:11.0656 0x0cec dmadmin - ok
19:51:11.0734 0x0cec [ DB5FD2BF5B07DC54BFCB3664FF05BD7C, 46074FBBC5E4A40A7B3A45636089DEDD2A619778C7DCD797571C2BB64D775F7E ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
19:51:11.0781 0x0cec dmboot - ok
19:51:11.0812 0x0cec [ FFF1720AF51171F32F1EAD5CF71F2810, 2E40D63DC7670C1E88A532DB8923A98ABC8481C351C4D915C2753E10BA77F36D ] dmio C:\WINDOWS\system32\drivers\dmio.sys
19:51:11.0812 0x0cec dmio - ok
19:51:11.0843 0x0cec [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
19:51:11.0859 0x0cec dmload - ok
19:51:11.0890 0x0cec [ 2BFEFE9E865655A76982F050450B9591, 15C7D093D638770519AA43E7D8897310F32AB1F217027F5750D799494A985C35 ] dmserver C:\WINDOWS\System32\dmserver.dll
19:51:11.0890 0x0cec dmserver - ok
19:51:11.0937 0x0cec [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
19:51:11.0953 0x0cec DMusic - ok
19:51:12.0000 0x0cec [ DFAA406BF19F4EE806A6F8D4342137F7, EE2C11B3E37565FC009E323607B2F5F148F9219012EDF848CEFC1B273DAA98A9 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
19:51:12.0000 0x0cec Dnscache - ok
19:51:12.0062 0x0cec [ 4A3E2BD20157A0946751229E92EB8621, D8C00CC2C18C517F7262EBC3C511C062E5ABA797056AEB22AC5DEB306BA8C526 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
19:51:12.0078 0x0cec Dot3svc - ok
19:51:12.0093 0x0cec dpti2o - ok
19:51:12.0109 0x0cec [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
19:51:12.0109 0x0cec drmkaud - ok
19:51:12.0171 0x0cec [ A8B3EC8EE13CBE14F067C72110155A1B, E11057EA1B0940EF32ACA97BC42661D64A9016C80915CEE7272B852654C70C38 ] E1000 C:\WINDOWS\system32\DRIVERS\e1000325.sys
19:51:12.0187 0x0cec E1000 - ok
19:51:12.0234 0x0cec [ 0887D9C2BE8D940778CAD1E3B85F2A41, 2E30DC06D46A5E174B7CAA2D70BDB697015495942572E90425E2EE7AC541BCF4 ] EapHost C:\WINDOWS\System32\eapsvc.dll
19:51:12.0234 0x0cec EapHost - ok
19:51:12.0296 0x0cec [ A2A4912798F2BE706ABADD3D30800D16, CCCCA389D22525D984DE9B59E4CEBE0EEEF315F725176EB5C4DC1A5B6157234A ] ERSvc C:\WINDOWS\System32\ersvc.dll
19:51:12.0312 0x0cec ERSvc - ok
19:51:12.0359 0x0cec [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] Eventlog C:\WINDOWS\system32\services.exe
19:51:12.0375 0x0cec Eventlog - ok
19:51:12.0437 0x0cec [ A371F11EF07653591C8DE26AFB13CE7F, 1192EDC8B146F1C27E8CD7E126DDC044F8B368C2E891A90CD81620D48C9550B6 ] EventSystem C:\WINDOWS\system32\es.dll
19:51:12.0453 0x0cec EventSystem - ok
19:51:12.0515 0x0cec [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
19:51:12.0531 0x0cec Fastfat - ok
19:51:12.0593 0x0cec [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
19:51:12.0609 0x0cec FastUserSwitchingCompatibility - ok
19:51:12.0640 0x0cec [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
19:51:12.0656 0x0cec Fdc - ok
19:51:12.0671 0x0cec [ AC366695A0796560AA37215AD5762AAF, 6ADC7443EA42D77199D4879AF3C33A07914116C69A34B895D8CB8444EE50077F ] Fips C:\WINDOWS\system32\drivers\Fips.sys
19:51:12.0687 0x0cec Fips - ok
19:51:12.0703 0x0cec [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
19:51:12.0718 0x0cec Flpydisk - ok
19:51:12.0765 0x0cec [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
19:51:12.0781 0x0cec FltMgr - ok
19:51:12.0875 0x0cec [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
19:51:12.0875 0x0cec FontCache3.0.0.0 - ok
19:51:12.0906 0x0cec [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:51:12.0906 0x0cec Fs_Rec - ok
19:51:12.0953 0x0cec [ 4E664D8541DB4A66B73A24257E322E1F, 17A2140AFE2B41E579FCCAFB82532853AD90A6EDBCB13DE80741DAE0AD5B4CC9 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:51:12.0968 0x0cec Ftdisk - ok
19:51:13.0031 0x0cec [ 2DD3D27E36EBF6804C40B843FF10872F, 101A89278BE50A0FA33D1B94C3850FC671E70CD7D17444F7AB632FA334005DD3 ] G400DH C:\WINDOWS\system32\DRIVERS\g400dhm.sys
19:51:13.0062 0x0cec G400DH - ok
19:51:13.0093 0x0cec [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:51:13.0093 0x0cec Gpc - ok
19:51:13.0156 0x0cec [ 676D5D69F1308EC813DB81AEC1CEE7BB, 77E0AB1895EB99550392FA55E266476DB66061E4C4B1B3E9E4582BB41E08E982 ] GSService C:\WINDOWS\system32\GSService.exe
19:51:13.0171 0x0cec GSService - ok
19:51:13.0250 0x0cec [ FCFE31FB75F8A6295B6B0AF87A626282, 6BA385797DBC73EB29EFE3293B80C21B1B8A1E9B87A462476E73C526C9565E5F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:51:13.0250 0x0cec helpsvc - ok
19:51:13.0312 0x0cec [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:51:13.0312 0x0cec HidUsb - ok
19:51:13.0359 0x0cec [ 7A6B320928F86BC851530D63C82965D9, 1F628759D31098DFBC05244735B5A62ACD8E45DBC5C9D236260D68EB8F1E28F5 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
19:51:13.0375 0x0cec hkmsvc - ok
19:51:13.0390 0x0cec hpn - ok
19:51:13.0453 0x0cec [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
19:51:13.0468 0x0cec HTTP - ok
19:51:13.0531 0x0cec [ 58FE2F2DA3BC5573F4A35B3760D3125F, B241ACCE426402EC64DC34C49CECB8CDC0851986D54BFCCED7040D6C43F5787A ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
19:51:13.0562 0x0cec HTTPFilter - ok
19:51:13.0578 0x0cec i2omp - ok
19:51:13.0625 0x0cec [ C528E27945367191E7BAE364930B6932, 1B95C7B49B4CAE734DC6C9EC22555C5356EEC856B8491C761C777479264CF854 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:51:13.0625 0x0cec i8042prt - ok
19:51:13.0750 0x0cec [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:51:13.0796 0x0cec idsvc - ok
19:51:13.0843 0x0cec [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
19:51:13.0843 0x0cec Imapi - ok
19:51:13.0875 0x0cec [ F7B93AAFAD33B2320954C17E26C8D361, 8CFDB11A68B59E195F280BE08B25FA59F1F70833832919B8BECCE17616999934 ] ImapiService C:\WINDOWS\system32\imapi.exe
19:51:13.0890 0x0cec ImapiService - ok
19:51:13.0921 0x0cec ini910u - ok
19:51:13.0968 0x0cec [ 4E9612379CF48934356B2A843677FED2, 547C004D53BC5EAEE96CFD47FAFBA7C7A8E0A70199BF3BB566D8FF10E75E0628 ] Inspect C:\WINDOWS\system32\DRIVERS\inspect.sys
19:51:13.0984 0x0cec Inspect - ok
19:51:14.0000 0x0cec [ 57D928E548B38502ABBA7A77A6EB7312, AD26B8096D918269BD7D9D454BB93850BCE595CE9E2A396F45777E7312396B33 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
19:51:14.0000 0x0cec IntelIde - ok
19:51:14.0062 0x0cec [ 27B290D632AF2CF3CF40BFDDB7370985, 2C266777B4A96706658B8C9A7B30D15D6E495C815FAE23A0A1FC747E9B5AE363 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:51:14.0078 0x0cec intelppm - ok
19:51:14.0093 0x0cec [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
19:51:14.0093 0x0cec Ip6Fw - ok
19:51:14.0125 0x0cec [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:51:14.0140 0x0cec IpFilterDriver - ok
19:51:14.0156 0x0cec [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:51:14.0156 0x0cec IpInIp - ok
19:51:14.0187 0x0cec [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:51:14.0203 0x0cec IpNat - ok
19:51:14.0234 0x0cec [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:51:14.0250 0x0cec IPSec - ok
19:51:14.0250 0x0cec [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
19:51:14.0265 0x0cec IRENUM - ok
19:51:14.0296 0x0cec [ CC9F8A2D60AED1A51A3AC34C59B987AE, CBF69817BE3D9A4617390B1A3306074CB8581F21562CD1357D32BC3E542F3CEE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:51:14.0296 0x0cec isapnp - ok
19:51:14.0421 0x0cec [ 80A79264302910C7C24BA7E44267EFEF, 6080C233478350C8E07515D20D2D60C3758C4A65432B04E8C8B816248621A3EF ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
19:51:14.0437 0x0cec JavaQuickStarterService - ok
19:51:14.0468 0x0cec [ 1B6162FE7F66B1A71A4B70F941C4AA9B, C2EA494BAB0513A6027414FB1E75834F980A77852D0DC8559E8942FC222A075A ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:51:14.0468 0x0cec Kbdclass - ok
19:51:14.0500 0x0cec [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
19:51:14.0515 0x0cec kmixer - ok
19:51:14.0578 0x0cec [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
19:51:14.0578 0x0cec KSecDD - ok
19:51:14.0625 0x0cec [ 3428E8F86F8ADD36B42FB23542C7B3E4, 9CF643D1A70AF08407ACD5FD6FE4B8777521DDF41B5E63C2E6E1E4CAAC69A403 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
19:51:14.0640 0x0cec lanmanserver - ok
19:51:14.0703 0x0cec [ 936C1D110232D23B621CB0196E4F80F0, 2DE3AF93E20F1DC7A6FF31B18054EA4D2350387E4DA91C4B16D451384F0C57E2 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
19:51:14.0765 0x0cec lanmanworkstation - ok
19:51:14.0828 0x0cec [ 0AB159F536E3E8F7F07113702A07CCA5, 3218C553183E6697C663B6D12790E09756B50505590858DD5AC62411D37CDD7C ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
19:51:14.0828 0x0cec LmHosts - ok
19:51:14.0968 0x0cec [ 94EEC93B6EB1005940D0BA0B9C74E825, 2F643DB748DBAB3891A86A15EB0A035BD4132B4C5F0C9040A0473F3658D58284 ] Matrox Centering Service c:\Program Files\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe
19:51:15.0031 0x0cec Matrox Centering Service - ok
19:51:15.0078 0x0cec [ AA8AB39DF2D3BD45DA961A25B1E4960E, D173C8F4FCB3E75331825EFB3793A7D69E2DAB98177C0DD10C7C8A4E406A8676 ] Matrox.Pdesk.ServicesHost c:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe
19:51:15.0093 0x0cec Matrox.Pdesk.ServicesHost - ok
19:51:15.0218 0x0cec [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
19:51:15.0234 0x0cec MDM - ok
19:51:15.0265 0x0cec [ 221CD1C815B8A6B79389C3F5D1018DE8, 6D0D25D6669C4F9452F74EC72C6138A41D9408E01AF5FD01C08F27BE7BC9C905 ] Messenger C:\WINDOWS\System32\msgsvc.dll
19:51:15.0281 0x0cec Messenger - ok
19:51:15.0375 0x0cec [ 966FE72529898A4493BE6A1C69DF28E1, 52EF0F113A3802C145FC9754B8436E9E4C7B9243E84206A6F0B68574FFF4460A ] MGABGEXE C:\WINDOWS\system32\mgabg.exe
19:51:15.0406 0x0cec MGABGEXE - ok
19:51:15.0453 0x0cec [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
19:51:15.0453 0x0cec mnmdd - ok
19:51:15.0500 0x0cec [ 9A57D046F88F4B69751B11FD40088A61, 62F65433024CE411F111A88723747B8A83B31076FBAF4CFF40FD02A53D7FF7DF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
19:51:15.0515 0x0cec mnmsrvc - ok
19:51:15.0546 0x0cec [ 44032B0C6D9954D3FD26438330B99EE7, A49749A4C00D50F57170AA5DA9E2DEECC8C524A48B144C8B784894F2C202FBEE ] Modem C:\WINDOWS\system32\drivers\Modem.sys
19:51:15.0562 0x0cec Modem - ok
19:51:15.0625 0x0cec [ 4CB582831DBDE63CE43B45D771218374, 6D470B26197C5B388983D9213D48D2CDE934C9591572876DC7790FE4B59E0845 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:51:15.0625 0x0cec Mouclass - ok
19:51:15.0671 0x0cec [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
19:51:15.0671 0x0cec MountMgr - ok
19:51:15.0687 0x0cec mraid35x - ok
19:51:15.0718 0x0cec [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:51:15.0734 0x0cec MRxDAV - ok
19:51:15.0812 0x0cec [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:51:15.0828 0x0cec MRxSmb - ok
19:51:15.0859 0x0cec [ 6DB4D1521CABA9A5FFAB54ADE0AE867D, 78D63EE2C0B0852F0771071C099643242EBC9F4DA28847B93BCE9C3CC1091938 ] MSDTC C:\WINDOWS\system32\msdtc.exe
19:51:15.0859 0x0cec MSDTC - ok
19:51:15.0906 0x0cec [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
19:51:15.0906 0x0cec Msfs - ok
19:51:15.0921 0x0cec MSIServer - ok
19:51:15.0937 0x0cec [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:51:15.0953 0x0cec MSKSSRV - ok
19:51:15.0968 0x0cec [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:51:15.0968 0x0cec MSPCLOCK - ok
19:51:16.0015 0x0cec [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
19:51:16.0031 0x0cec MSPQM - ok
19:51:16.0046 0x0cec [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:51:16.0062 0x0cec mssmbios - ok
19:51:16.0093 0x0cec [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
19:51:16.0093 0x0cec MSTEE - ok
19:51:16.0125 0x0cec [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
19:51:16.0125 0x0cec Mup - ok
19:51:16.0156 0x0cec [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
19:51:16.0156 0x0cec NABTSFEC - ok
19:51:16.0218 0x0cec [ 6EA362E9DB03D44F6B996F4D8BE237E9, FE6B4C546D26C4A2832CF4CB280B86B1723E10E46A3C24AF6C9856FCCAE9D1FC ] napagent C:\WINDOWS\System32\qagentrt.dll
19:51:16.0250 0x0cec napagent - ok
19:51:16.0296 0x0cec [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
19:51:16.0296 0x0cec NDIS - ok
19:51:16.0328 0x0cec [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
19:51:16.0328 0x0cec NdisIP - ok
19:51:16.0375 0x0cec [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:51:16.0375 0x0cec NdisTapi - ok
19:51:16.0437 0x0cec [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:51:16.0437 0x0cec Ndisuio - ok
19:51:16.0468 0x0cec [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:51:16.0468 0x0cec NdisWan - ok
19:51:16.0515 0x0cec [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
19:51:16.0531 0x0cec NDProxy - ok
19:51:16.0546 0x0cec [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
19:51:16.0546 0x0cec NetBIOS - ok
19:51:16.0609 0x0cec [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
19:51:16.0625 0x0cec NetBT - ok
19:51:16.0671 0x0cec [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDE C:\WINDOWS\system32\netdde.exe
19:51:16.0687 0x0cec NetDDE - ok
19:51:16.0718 0x0cec [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
19:51:16.0718 0x0cec NetDDEdsdm - ok
19:51:16.0781 0x0cec [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] Netlogon C:\WINDOWS\system32\lsass.exe
19:51:16.0796 0x0cec Netlogon - ok
19:51:16.0828 0x0cec [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40, 588C8BA14A7255FD36A88960CBE34341301773765ECF2A9A0F1760A509A08A5B ] Netman C:\WINDOWS\System32\netman.dll
19:51:16.0843 0x0cec Netman - ok
19:51:16.0890 0x0cec [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:51:16.0890 0x0cec NetTcpPortSharing - ok
19:51:16.0937 0x0cec [ 39EE7C3BFBC64BA87CC8CF67386E814C, B93CCB625CE370D9A49C9374D24C939D7C9FEF81401F4F822C51E12677D77E01 ] Nla C:\WINDOWS\System32\mswsock.dll
19:51:16.0968 0x0cec Nla - ok
19:51:17.0015 0x0cec [ B48DC6ABCD3AEFF8618350CCBDC6B09A, 824D8B03E061DDD0D33EF9F03C669B13E7B6E339684009BD44D69178C45E2DE1 ] npf C:\WINDOWS\system32\drivers\npf.sys
19:51:17.0031 0x0cec npf - ok
19:51:17.0062 0x0cec [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
19:51:17.0062 0x0cec Npfs - ok
19:51:17.0140 0x0cec [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
19:51:17.0171 0x0cec Ntfs - ok
19:51:17.0203 0x0cec [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
19:51:17.0203 0x0cec NtLmSsp - ok
19:51:17.0281 0x0cec [ 023DD70573D644F3D9C8B1258A7BFD08, 9A1D3210ED5FD8BEDF92ED577A9B30E37035408A73EB66A8C950B75AB7539B83 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
19:51:17.0312 0x0cec NtmsSvc - ok
19:51:17.0343 0x0cec [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
19:51:17.0343 0x0cec Null - ok
19:51:17.0484 0x0cec [ 2B298519EDBFCF451D43E0F1E8F1006D, 67F3F2001F4C8DABD253D60AB3222793635532DC51AD977954286F8A246F5592 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
19:51:17.0578 0x0cec nv - ok
19:51:17.0640 0x0cec [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:51:17.0640 0x0cec NwlnkFlt - ok
19:51:17.0656 0x0cec [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:51:17.0671 0x0cec NwlnkFwd - ok
19:51:17.0718 0x0cec [ 1D98907D80461371437A7C898C58C8AE, 1BFEAD2AC3CCA5057F19368D8B2FE53641759772051F0927BE95FDE99B17A4A1 ] omci C:\WINDOWS\system32\DRIVERS\omci.sys
19:51:17.0718 0x0cec omci - ok
19:51:17.0765 0x0cec [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:51:17.0781 0x0cec ose - ok
19:51:17.0828 0x0cec [ 46F8DB73B4A53E543F8E371DC7C75BAE, F6C5E7DE4B4AE0ED785DB075BE14EA6A0FC9050C95669B26DEF2B82D7B7D3B2C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
19:51:17.0843 0x0cec Parport - ok
19:51:17.0890 0x0cec [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
19:51:17.0890 0x0cec PartMgr - ok
19:51:17.0953 0x0cec [ 1FAE19D0457176318BBA4A8795656EBC, 5F3D6CABA203A0485D67F63A6A81151724EE200BE49ED095CFCB1EF29C19D19F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
19:51:17.0953 0x0cec ParVdm - ok
19:51:17.0968 0x0cec [ 6CE351D149CB4BEFC702951E471E1730, 758327683BB45F01D5AE550AF21856822B4CF55E17F2A4F452F559088D242B37 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys

guest · Příspěvekod **guest** » 16 pro 2013 20:10

19:51:17.0984 0x0cec PCI - ok
19:51:18.0015 0x0cec [ 2DA4EC85E0EA7A45C6B2A05820492D5A, A8C6BD93D3BC33A5B36EB523997EF9E0783B6E6EAFB6E7F58BCC2629009BDCF9 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
19:51:18.0015 0x0cec PCIIde - ok
19:51:18.0046 0x0cec [ 4FC31E6C19A5CE5198B1ABFF94CAE758, A031E21EC1F15DA5E8429269F435337FA961C3C06D535DAFD448C7355F33FD0C ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
19:51:18.0046 0x0cec Pcmcia - ok
19:51:18.0078 0x0cec perc2 - ok
19:51:18.0093 0x0cec perc2hib - ok
19:51:18.0171 0x0cec [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] PlugPlay C:\WINDOWS\system32\services.exe
19:51:18.0187 0x0cec PlugPlay - ok
19:51:18.0203 0x0cec [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
19:51:18.0218 0x0cec PolicyAgent - ok
19:51:18.0265 0x0cec [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:51:18.0265 0x0cec PptpMiniport - ok
19:51:18.0296 0x0cec [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
19:51:18.0312 0x0cec ProtectedStorage - ok
19:51:18.0328 0x0cec [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
19:51:18.0343 0x0cec PSched - ok
19:51:18.0359 0x0cec [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:51:18.0359 0x0cec Ptilink - ok
19:51:18.0375 0x0cec ql1080 - ok
19:51:18.0390 0x0cec Ql10wnt - ok
19:51:18.0421 0x0cec ql12160 - ok
19:51:18.0437 0x0cec ql1240 - ok
19:51:18.0453 0x0cec ql1280 - ok
19:51:18.0484 0x0cec [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:51:18.0484 0x0cec RasAcd - ok
19:51:18.0531 0x0cec [ 2B5E44EA009F2F374B980E1E9A70635D, 62D8FDB80C8ACBA2C42C12760B785587C43BEDFE015EC5C41B25F2BB735EFEB0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
19:51:18.0546 0x0cec RasAuto - ok
19:51:18.0593 0x0cec [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:51:18.0593 0x0cec Rasl2tp - ok
19:51:18.0687 0x0cec [ D57554C664B64604BD1EE13EA2C07E77, B090C05B91EA602BFF9A5E89AB1A0FFDE869611961FF749DA8B3F4D00F04E756 ] RasMan C:\WINDOWS\System32\rasmans.dll
19:51:18.0703 0x0cec RasMan - ok
19:51:18.0718 0x0cec [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:51:18.0718 0x0cec RasPppoe - ok
19:51:18.0750 0x0cec [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
19:51:18.0750 0x0cec Raspti - ok
19:51:18.0796 0x0cec [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:51:18.0812 0x0cec Rdbss - ok
19:51:18.0828 0x0cec [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:51:18.0828 0x0cec RDPCDD - ok
19:51:18.0875 0x0cec [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:51:18.0875 0x0cec rdpdr - ok
19:51:18.0937 0x0cec [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
19:51:18.0953 0x0cec RDPWD - ok
19:51:18.0984 0x0cec [ C0D9D9711CB74EE9BC66353D8CBDAB0E, F1AF9A26910707E76BF213D8DE5C902B0088D8A29EBDFF72DE6A4D867E298CC8 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
19:51:19.0000 0x0cec RDSessMgr - ok
19:51:19.0062 0x0cec [ 611BFD220305BE3A85AE876EA47D4AA5, FDF87878EB3886649025E5A12F1C3FC9072D66CCD3217944710085C1F8A4512E ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
19:51:19.0062 0x0cec redbook - ok
19:51:19.0109 0x0cec [ 127C26B5371651043450E52542099ABA, 98AADAD8D5211CB894AA7C59B6299861B1F44B6D8F46AB5837E7D2F5B615B14A ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
19:51:19.0125 0x0cec RemoteAccess - ok
19:51:19.0156 0x0cec [ 8F31505484A190D5B22274708799F4EC, 170FF8193C95CEE73B9342B6FB7D83DF4E80B2CCBB27DF41F4AB5F2FB9AF60E1 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
19:51:19.0156 0x0cec RemoteRegistry - ok
19:51:19.0203 0x0cec [ 718B3BDC0BC3C2F7D065A53D26202AF9, 9E58243628F1E1396AB82A80D046FF50803A230EE07B007E0CA5D744C77B091A ] RpcLocator C:\WINDOWS\system32\locator.exe
19:51:19.0218 0x0cec RpcLocator - ok
19:51:19.0265 0x0cec [ BE27674D1CBC3214AEC84B4336A38BBF, 3DF5F9A9E97595A61314B2731DF4F3D3C19D1B9D2291624A63B8E1861FFC2D76 ] RpcSs C:\WINDOWS\System32\rpcss.dll
19:51:19.0296 0x0cec RpcSs - ok
19:51:19.0359 0x0cec [ 09AB2E71E58B078038E3BFDBA7FFC984, 8CA277DEEF6376B0F48C6BA5DBBC3E8AF2245983BA9AF6AB83D1A920D35FAF93 ] RSVP C:\WINDOWS\system32\rsvp.exe
19:51:19.0375 0x0cec RSVP - ok
19:51:19.0437 0x0cec [ 59509AD6CBC28F2C73056268985B3E48, 116B2F7C3AA3AF2E1E9380780D24A33B9DD169C2D5DDD4EE182A3BDFBA081436 ] s0016bus C:\WINDOWS\system32\DRIVERS\s0016bus.sys
19:51:19.0437 0x0cec s0016bus - ok
19:51:19.0468 0x0cec [ B98C3A6F91F4FBA285AF9606A240C6B4, 21AF9324116BB87A8B26F218AC7707882D10D6ADD7E1D01A9C1E9B0BFCAEE708 ] s0016mdfl C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys
19:51:19.0468 0x0cec s0016mdfl - ok
19:51:19.0515 0x0cec [ 8A83426F4FB7B5212825D9DE76368B1A, 990A3CF48CA6CAE7DE10CBE06A75085E0186DD4735B3F64FE151B1727DC118A2 ] s0016mdm C:\WINDOWS\system32\DRIVERS\s0016mdm.sys
19:51:19.0531 0x0cec s0016mdm - ok
19:51:19.0562 0x0cec [ 7A78BBA97FEB5E6D24C49E93A3BF7287, 99A447242968050940647A52C2191CAB57B7D293636FFA38300E89D872C60876 ] s0016mgmt C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys
19:51:19.0562 0x0cec s0016mgmt - ok
19:51:19.0609 0x0cec [ 34EF7B5F611957B73E7219DD5A222AD1, FA9EA663184FF9E2F7386789B613E29A5464566055E6D0EF22A743928155A6D3 ] s0016nd5 C:\WINDOWS\system32\DRIVERS\s0016nd5.sys
19:51:19.0609 0x0cec s0016nd5 - ok
19:51:19.0656 0x0cec [ 36792935847143E4A3CDA0DC87248487, F23B477925078ADB2BC1CD8CFE690623BD8ABD7B9F88C62DD56766D1BDD90783 ] s0016obex C:\WINDOWS\system32\DRIVERS\s0016obex.sys
19:51:19.0671 0x0cec s0016obex - ok
19:51:19.0718 0x0cec [ 927208754FB27FC3E7A659E77500C5D1, DD5FBC7151D9C2785BBC54D033771FD06C822CA2254C3C8A5D2FEDF6EA8B3DC6 ] s0016unic C:\WINDOWS\system32\DRIVERS\s0016unic.sys
19:51:19.0718 0x0cec s0016unic - ok
19:51:19.0765 0x0cec [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] SamSs C:\WINDOWS\system32\lsass.exe
19:51:19.0765 0x0cec SamSs - ok
19:51:19.0812 0x0cec [ 410046E401EB11E1E6749E9DEEA41D4A, 9507268ACD24EF51E994DC418E8EB3E10DEDE61EE892226A22A5DA7662397E25 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
19:51:19.0828 0x0cec SCardSvr - ok
19:51:19.0875 0x0cec [ 20B2751CD4C8F3FD989739CA661B9F30, 7D2449FB3657DD219D7A401AB8BC0B3AF0FBB6BD784C1AC723825CB1B688BEC5 ] SCDEmu C:\WINDOWS\system32\drivers\SCDEmu.sys
19:51:19.0890 0x0cec SCDEmu - ok
19:51:19.0953 0x0cec [ 3FF232A7731621B8902D81D42418C93C, 2030C9A843D9555170179883BD4CC1E978D5FC5EC0D7FCA56518224E428BE421 ] Schedule C:\WINDOWS\system32\schedsvc.dll
19:51:19.0968 0x0cec Schedule - ok
19:51:20.0031 0x0cec [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:51:20.0031 0x0cec Secdrv - ok
19:51:20.0078 0x0cec [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6, 82EEB2345AC19050FAB202DE76C2CDD93E753F5AB67789A86A1726D3040C02E5 ] seclogon C:\WINDOWS\System32\seclogon.dll
19:51:20.0078 0x0cec seclogon - ok
19:51:20.0140 0x0cec [ E5B56569A9F79B70314FEDE6C953641E, 41B088CD3AE5A342D44F2FDCB63975E15D79155F56DFC75631663D9C31D98634 ] seehcri C:\WINDOWS\system32\DRIVERS\seehcri.sys
19:51:20.0140 0x0cec seehcri - ok
19:51:20.0171 0x0cec [ A530B75C10C23C9AB28FDB6CE719E21F, 14568DF6457758E2F534A46A8E6245C364895C3993BEF2B5A889B98DBB201A27 ] SENS C:\WINDOWS\system32\sens.dll
19:51:20.0187 0x0cec SENS - ok
19:51:20.0203 0x0cec [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
19:51:20.0218 0x0cec serenum - ok
19:51:20.0234 0x0cec [ B842729337C9B921615C40D3C1A1AF96, 503670A56423B996C6ED6AE95F07FB88910767C4A2041A4BE9070C57A016E7FA ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
19:51:20.0234 0x0cec Serial - ok
19:51:20.0328 0x0cec [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
19:51:20.0328 0x0cec Sfloppy - ok
19:51:20.0390 0x0cec [ F58FACA9621D2DB01BD0927D9A0A208E, 239C87E09261BC9D1DBE99DABCFC4787D42289E8769563A5EFB323BE6F177C9A ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
19:51:20.0421 0x0cec SharedAccess - ok
19:51:20.0453 0x0cec [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:51:20.0468 0x0cec ShellHWDetection - ok
19:51:20.0484 0x0cec Simbad - ok
19:51:20.0562 0x0cec [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
19:51:20.0562 0x0cec SkypeUpdate - ok
19:51:21.0093 0x0cec [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
19:51:21.0093 0x0cec SLIP - ok
19:51:21.0187 0x0cec [ 70B8DD8707DBF6142530C106365DF67D, 9865D66B811BE873E65B4B5E8BFC0DE14BBE5B622BABC036EC61BADE72DC52F3 ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys
19:51:21.0218 0x0cec smwdm - ok
19:51:21.0250 0x0cec Sparrow - ok
19:51:21.0281 0x0cec [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
19:51:21.0281 0x0cec splitter - ok
19:51:21.0343 0x0cec [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
19:51:21.0359 0x0cec Spooler - ok
19:51:21.0390 0x0cec [ 94610C8653635E4459316A0050D55CE7, D148D33B3D2B0757060531C526F2161504A8D7C4E5957D092C7EBDB007271339 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
19:51:21.0390 0x0cec sr - ok
19:51:21.0453 0x0cec [ 35B91147124F64AC8081A2EDB9EA4DEE, 1609D19156DAC6EE3C2D2350B062966B64D9CDC289E9B8FEB6D244AAEBE90BBF ] srservice C:\WINDOWS\system32\srsvc.dll
19:51:21.0468 0x0cec srservice - ok
19:51:21.0531 0x0cec [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
19:51:21.0546 0x0cec Srv - ok
19:51:21.0609 0x0cec [ BECD5271DC4E3B7C3D035F790FCBC1E5, D63B9DB81332553C963EC5057D241CE2287AF652387333C1FD79AF8C9B5F2BA7 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
19:51:21.0625 0x0cec SSDPSRV - ok
19:51:21.0671 0x0cec [ C1CDD9275F6A115BB0AE1D55D8D27BA6, CD0511FD7F6AD832CBEB931C605AB3AD217631C57399CB8033248D27619541E4 ] stisvc C:\WINDOWS\system32\wiaservc.dll
19:51:21.0703 0x0cec stisvc - ok
19:51:21.0734 0x0cec [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:51:21.0750 0x0cec streamip - ok
19:51:21.0796 0x0cec [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
19:51:21.0796 0x0cec swenum - ok
19:51:21.0828 0x0cec [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
19:51:21.0843 0x0cec swmidi - ok
19:51:21.0859 0x0cec SwPrv - ok
19:51:21.0890 0x0cec symc810 - ok
19:51:21.0906 0x0cec symc8xx - ok
19:51:21.0921 0x0cec sym_hi - ok
19:51:21.0953 0x0cec sym_u3 - ok
19:51:21.0984 0x0cec [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
19:51:22.0000 0x0cec sysaudio - ok
19:51:22.0046 0x0cec [ CE06F01B88ACE199A1BF460CAC29C110, 3CD89E5B8E53203287D889C107E4795225742DB6C6ACA2DC0611BD9728382A27 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
19:51:22.0062 0x0cec SysmonLog - ok
19:51:22.0125 0x0cec [ C2546CD7A398476F9DF5614B2AE160E8, 11C8435BA983553E9C0806494E9B3C7080515C0375B0604F029D89B50726161A ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
19:51:22.0140 0x0cec TapiSrv - ok
19:51:22.0203 0x0cec [ A31C02A9BF05BCFF9004185CCC112008, FBC61FE05C1FAA1F9EFDEA2C15068F1F120E0013F364BA0D8E0DBF8F144AA0A2 ] tbhsd C:\WINDOWS\system32\drivers\tbhsd.sys
19:51:22.0218 0x0cec tbhsd - ok
19:51:22.0281 0x0cec [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:51:22.0296 0x0cec Tcpip - ok
19:51:22.0359 0x0cec [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
19:51:22.0375 0x0cec TDPIPE - ok
19:51:22.0390 0x0cec [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
19:51:22.0390 0x0cec TDTCP - ok
19:51:22.0781 0x0cec [ F67C21CC4195F6AFC447418FE163E156, 01D245952C1AF2B365DBA6C36AFE0FFB2332480B6A1D7D4B43A0DE4FB7535B0B ] TeamViewer8 C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
19:51:23.0093 0x0cec TeamViewer8 - ok
19:51:23.0156 0x0cec [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
19:51:23.0171 0x0cec TermDD - ok
19:51:23.0250 0x0cec [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E, 3D2B1D899061448EAD993CDE97D1EF50DD64728E9F44D80FEAE591198A937653 ] TermService C:\WINDOWS\System32\termsrv.dll
19:51:23.0281 0x0cec TermService - ok
19:51:23.0312 0x0cec [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] Themes C:\WINDOWS\System32\shsvcs.dll
19:51:23.0328 0x0cec Themes - ok
19:51:23.0375 0x0cec [ CD0CC7B167D78043A41C98D4921EFB54, 31AAB5D6D6BA52EBDDE1B5DEB8F9B4D9597FFBA4485F959C846F635060CCB5C0 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
19:51:23.0390 0x0cec TlntSvr - ok
19:51:23.0421 0x0cec TosIde - ok
19:51:23.0453 0x0cec [ 38853304CCB938D30E0C4CDE8D2C2A8A, 966E7BCC9F63A1A7777F8A12E51C2A91EC688CE96109943ADC4CB4EB58DC34A6 ] TrkWks C:\WINDOWS\system32\trkwks.dll
19:51:23.0468 0x0cec TrkWks - ok
19:51:23.0500 0x0cec [ 91B6DFBA0FD7D0F4836FB711D1B5D81C, 5EC7D7FC05306927B025DE557F104A511470FAFC6359783C27246530966A100A ] TrueSight C:\WINDOWS\system32\TrueSight.sys
19:51:23.0531 0x0cec TrueSight - ok
19:51:23.0578 0x0cec [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
19:51:23.0578 0x0cec Udfs - ok
19:51:23.0609 0x0cec ultra - ok
19:51:23.0671 0x0cec [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
19:51:23.0703 0x0cec Update - ok
19:51:23.0765 0x0cec [ 651BD90DCEE5B7BDC74A2EB7C9266F9E, AF7662BCA0819F82CE5EE0863E47149CC127DE664CB3DC6359B63FBD71DB54F8 ] upnphost C:\WINDOWS\System32\upnphost.dll
19:51:23.0796 0x0cec upnphost - ok
19:51:23.0828 0x0cec [ 20A0F6A11959E92908717D09E87D670D, 3DD6C99AB0F70FAA43DF470B30078B8A51B8AF735CD5C50DBB195FEA70F4C36E ] UPS C:\WINDOWS\System32\ups.exe
19:51:23.0828 0x0cec UPS - ok
19:51:23.0890 0x0cec [ 65898A183FBF1D1F7759D5CCB364DCD4, 85E823123FDB4CA5F8255064E22A444627999055EC3419DFD001371893F36AB9 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
19:51:23.0906 0x0cec usbaudio - ok
19:51:23.0953 0x0cec [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:51:23.0953 0x0cec usbccgp - ok
19:51:23.0984 0x0cec [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:51:24.0000 0x0cec usbehci - ok
19:51:24.0046 0x0cec [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:51:24.0046 0x0cec usbhub - ok
19:51:24.0109 0x0cec [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:51:24.0109 0x0cec usbprint - ok
19:51:24.0171 0x0cec [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:51:24.0171 0x0cec USBSTOR - ok
19:51:24.0187 0x0cec [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:51:24.0203 0x0cec usbuhci - ok
19:51:24.0234 0x0cec [ 813236B1183CFCF289E367BD5DE6E29E, 167FE18A96F330AEEC1A4C419770C15EFEB536D43838285E51E7A62E95DF4674 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
19:51:24.0250 0x0cec usbvideo - ok
19:51:24.0296 0x0cec [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
19:51:24.0296 0x0cec VgaSave - ok
19:51:24.0312 0x0cec ViaIde - ok
19:51:24.0375 0x0cec [ 28A4B296B47782173C346E376CB374D1, FE799FE4A41752A2B47027EA88214BF3E39B317302939F4A2D0F2A4EFAAC2F13 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
19:51:24.0375 0x0cec VolSnap - ok
19:51:24.0437 0x0cec [ D6BA1A63D9E00933F1CD2A885573AFB2, 36311A060635CEC1DBB6D8A746B8A4D007706EAE97D51A5E12F9958AB16BE486 ] VSS C:\WINDOWS\System32\vssvc.exe
19:51:24.0468 0x0cec VSS - ok
19:51:24.0515 0x0cec [ FA4E1CDBA256787F2149F4AAD07BC91F, 1B5FC5248335D70094D04501AA2C30F54782B58FF8D573BE8E784A21529C7CAF ] W32Time C:\WINDOWS\system32\w32time.dll
19:51:24.0546 0x0cec W32Time - ok
19:51:24.0609 0x0cec [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:51:24.0609 0x0cec Wanarp - ok
19:51:24.0640 0x0cec [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
19:51:24.0656 0x0cec wdmaud - ok
19:51:24.0687 0x0cec [ 47AE51048A82DFA1CD6B51D369F7E169, 742F2162B8BDE00D83715093EA9743338964597ED22648B9F4F139D7278235A4 ] WebClient C:\WINDOWS\System32\webclnt.dll
19:51:24.0703 0x0cec WebClient - ok
19:51:24.0812 0x0cec [ E488332126E3B1182D2B8A0C35408EC6, F9F60911DF0A539753B2BEF6FAD2D0AED1BC1C3F43509F79D9AF2F810CDE5D9B ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
19:51:24.0812 0x0cec winmgmt - ok
19:51:24.0906 0x0cec [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
19:51:24.0906 0x0cec WmdmPmSN - ok
19:51:24.0984 0x0cec [ 0171CFF34BBA8C5977F18C48D8AEF8C6, 0E3E04220157CCFB92F8D029805EB56D101C2A3AB3375354537FA9B5B3CAA0AD ] Wmi C:\WINDOWS\System32\advapi32.dll
19:51:25.0015 0x0cec Wmi - ok
19:51:25.0078 0x0cec [ 23F6F03272F7E5679F1F050AED5ACEE6, 87EBE773F3E8FFE2F1E1DB435BB0E8852031AA88112EB791085AD3DA918B49CC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:51:25.0093 0x0cec WmiApSrv - ok
19:51:25.0218 0x0cec [ 3739866D20ABD42F26A7B85F9E2560AF, 9DD01194A553590146A1A1D790B2F891D244C8C0EE34DA423CF2B1F7418BD3AC ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
19:51:25.0265 0x0cec WMPNetworkSvc - ok
19:51:25.0390 0x0cec [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:51:25.0421 0x0cec WPFFontCache_v0400 - ok
19:51:25.0484 0x0cec [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
19:51:25.0484 0x0cec WS2IFSL - ok
19:51:25.0562 0x0cec [ 4C86D5FAF78194995AF9CC1075F65DD3, D3B23BB0971E0DBC0A51720067489C224323B603178E91149BF56F779DE352F0 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
19:51:25.0578 0x0cec wscsvc - ok
19:51:25.0609 0x0cec [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:51:25.0609 0x0cec WSTCODEC - ok
19:51:25.0640 0x0cec [ C1364564800EE9784192145324A23308, 5345BAE00364233594C9CF99CE2CC485E65B5D4FFBB81C86B2950EDA2427584C ] wuauserv C:\WINDOWS\system32\wuauserv.dll
19:51:25.0656 0x0cec wuauserv - ok
19:51:25.0718 0x0cec [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:51:25.0718 0x0cec WudfPf - ok
19:51:25.0750 0x0cec [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:51:25.0765 0x0cec WudfRd - ok
19:51:25.0796 0x0cec [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
19:51:25.0812 0x0cec WudfSvc - ok
19:51:25.0890 0x0cec [ A27D4BA7264C0BF52F32D10405BEA1D4, 5F28607CCAB15FB601BEB35FF0B1A5CD27C678C6D1CA724E842C33EED4579B8C ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
19:51:25.0937 0x0cec WZCSVC - ok
19:51:25.0984 0x0cec [ EAA4BB9EDB3FB10CF8979FE65E63658F, B80EB477100FD3E26513360E09DB6EBF0C8D8B0618F1F4BF1F387ABA6DEC9B64 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
19:51:26.0031 0x0cec xmlprov - ok
19:51:26.0062 0x0cec ================ Scan global ===============================
19:51:26.0093 0x0cec [ F36278E42C8C5DF03CE17DAC8231C91C, D012A3C8F394DF4F0BF5D5A4C10E73BBF427762B7D3DB6CF5FAB96536E082B7A ] C:\WINDOWS\system32\basesrv.dll
19:51:26.0140 0x0cec [ 4C0AA4ABC4E21672B55D8A700AF2B2A6, FAC6B8E2698D0EB12A0ACE62EA398AD05AB6AC5C39740A1E8BDAAF0BFDD5B4A3 ] C:\WINDOWS\system32\winsrv.dll
19:51:26.0203 0x0cec [ 4C0AA4ABC4E21672B55D8A700AF2B2A6, FAC6B8E2698D0EB12A0ACE62EA398AD05AB6AC5C39740A1E8BDAAF0BFDD5B4A3 ] C:\WINDOWS\system32\winsrv.dll
19:51:26.0265 0x0cec [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] C:\WINDOWS\system32\services.exe
19:51:26.0265 0x0cec [ Global ] - ok
19:51:26.0281 0x0cec ================ Scan MBR ==================================
19:51:26.0312 0x0cec [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
19:51:26.0453 0x0cec \Device\Harddisk0\DR0 - ok
19:51:26.0468 0x0cec [ 5F8B5082F3482CC06B72EC5806598AE9 ] \Device\Harddisk1\DR1
19:51:27.0250 0x0cec \Device\Harddisk1\DR1 - ok
19:51:27.0265 0x0cec ================ Scan VBR ==================================
19:51:27.0265 0x0cec [ 18DA9CBCB78C70745C2844875F7390AE ] \Device\Harddisk0\DR0\Partition1
19:51:27.0296 0x0cec \Device\Harddisk0\DR0\Partition1 - ok
19:51:27.0312 0x0cec [ FE7ECD1D471235C5C50E18448216EEDA ] \Device\Harddisk1\DR1\Partition1
19:51:27.0328 0x0cec \Device\Harddisk1\DR1\Partition1 - ok
19:51:27.0343 0x0cec Waiting for KSN requests completion. In queue: 201
19:51:28.0343 0x0cec Waiting for KSN requests completion. In queue: 201
19:51:29.0343 0x0cec Waiting for KSN requests completion. In queue: 201
19:51:30.0406 0x0cec AV detected via SS1: avast! Antivirus, 5.0.150996950, enabled, updated
19:51:30.0421 0x0cec FW detected via SS1: avast! Internet Security, 5.0.117441938, disabled
19:51:30.0421 0x0cec FW detected via SS1: COMODO Firewall, 6.0, enabled
19:51:32.0781 0x0cec ============================================================
19:51:32.0781 0x0cec Scan finished
19:51:32.0781 0x0cec ============================================================
19:51:32.0796 0x06bc Detected object count: 0
19:51:32.0796 0x06bc Actual detected object count: 0
19:51:55.0609 0x0820 Deinitialize success

guest · Příspěvekod **guest** » 16 pro 2013 20:23

aqswMBR:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-12-16 20:11:37
-----------------------------
20:11:37.046 OS Version: Windows 5.1.2600 Service Pack 3
20:11:37.062 Number of processors: 1 586 0x207
20:11:37.062 ComputerName: DELL-E594CDFDDA UserName: Administrator
20:11:48.140 Initialize success
20:11:58.125 AVAST engine defs: 13121600
20:12:06.328 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
20:12:06.328 Disk 0 Vendor: HDT722516DLAT80 V43OA96A Size: 157066MB BusType: 3
20:12:06.328 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
20:12:06.328 Disk 1 Vendor: WDC_WD400EB-00CPF0 06.04G06 Size: 38166MB BusType: 3
20:12:06.453 Disk 0 MBR read successfully
20:12:06.453 Disk 0 MBR scan
20:12:06.453 Disk 0 Windows XP default MBR code
20:12:06.453 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 157057 MB offset 63
20:12:06.453 Disk 0 scanning sectors +321653430
20:12:06.484 Disk 0 scanning C:\WINDOWS\system32\drivers
20:12:17.875 Service scanning
20:12:37.375 Modules scanning
20:12:51.015 Disk 0 trace - called modules:
20:12:51.515 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
20:12:51.515 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a5cfab8]
20:12:51.531 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x8a5d3b00]
20:12:51.937 AVAST engine scan C:\WINDOWS
20:12:57.296 AVAST engine scan C:\WINDOWS\system32
20:15:34.421 AVAST engine scan C:\WINDOWS\system32\drivers
20:15:53.968 AVAST engine scan C:\Documents and Settings\Administrator
20:20:09.421 AVAST engine scan C:\Documents and Settings\All Users
20:21:15.015 Scan finished successfully
20:22:05.359 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Plocha\MBR.dat"
20:22:05.359 The log file has been saved successfully to "C:\Documents and Settings\Administrator\Plocha\aswMBR.txt"

Příspěvekod **memphisto** » 16 pro 2013 21:23

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je oznaèen pro odstranění, stačí restartovat počítač.

guest · Příspěvekod **guest** » 16 pro 2013 22:48

ComboFix:
ComboFix 13-10-09.01 - Administrator 16.12.2013 21:37:37.14.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1279.895 [GMT 1:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Setup.exe
c:\program files\sys
c:\program files\sys\CleanUp.exe
c:\program files\sys\DSndUp.exe
c:\program files\version.txt
c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\outicon.exe
c:\windows\iun6002.exe
c:\windows\msmqinst.log
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_DEFAULTTABSEARCH
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-16 do 2013-12-16 )))))))))))))))))))))))))))))))
.
.
2013-12-16 11:52 . 2013-12-16 18:38 -------- d-----w- C:\AdwCleaner
2013-12-14 10:58 . 2013-12-14 10:58 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2013-12-14 10:57 . 2013-12-14 10:57 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\iSkysoft
2013-12-14 10:57 . 2013-12-14 10:57 -------- d-----w- c:\program files\Common Files\iSkysoft
2013-12-14 10:56 . 2013-12-14 10:58 -------- d-----w- c:\documents and settings\All Users\Data aplikací\iSkysoft Video Converter Ultimate
2013-12-14 10:56 . 2013-12-14 10:56 -------- d-----w- c:\program files\iSkysoft
2013-12-11 10:28 . 2013-12-11 10:28 -------- d-----w- c:\program files\Common Files\Java
2013-12-11 10:28 . 2013-12-11 10:28 145408 ----a-w- c:\windows\system32\javacpl.cpl
2013-12-11 10:28 . 2013-12-11 10:28 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-12-10 06:54 . 2013-12-10 06:55 -------- d-----w- c:\program files\iCare Data Recovery
2013-12-08 14:28 . 2013-12-08 15:46 -------- d-----r- C:\XXX
2013-12-05 09:25 . 2013-12-05 09:28 -------- d-----w- c:\program files\Paint.NET
2013-12-03 14:56 . 2013-12-10 20:03 74764 ----a-w- c:\windows\system32\drivers\fvstore.dat
2013-12-03 14:49 . 2013-12-03 14:49 -------- d-----w- C:\VTRoot
2013-12-03 14:34 . 2013-12-03 14:35 -------- d-s---w- c:\documents and settings\All Users\Data aplikací\Shared Space
2013-12-03 14:32 . 2013-12-03 14:33 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Comodo
2013-12-03 14:32 . 2013-12-03 14:32 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Comodo Downloader
2013-12-03 14:32 . 2013-12-03 14:32 -------- d-----w- c:\program files\COMODO
2013-11-29 13:18 . 2013-11-29 13:18 664 ----a-w- c:\documents and settings\Administrator\Local Settings\Data aplikací\d3d9caps.tmp
2013-11-24 15:48 . 2013-11-24 15:49 -------- d-----w- C:\RecConsole
2013-11-24 11:22 . 2013-11-24 11:26 -------- d-----w- C:\Zvuky wav
2013-11-23 20:53 . 2013-11-23 20:53 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\cache
2013-11-23 20:52 . 2013-11-23 20:54 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Mobogenie
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-11 07:51 . 2012-04-04 06:41 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-11 07:51 . 2011-05-24 07:00 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-14 11:38 . 2013-01-16 18:51 587864 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2013-11-14 11:38 . 2013-01-24 21:43 36000 ----a-w- c:\windows\system32\cmdcsr.dll
2013-11-08 15:36 . 2013-10-12 09:53 403440 ----a-w- c:\windows\system32\drivers\aswsp.sys
2013-10-21 14:56 . 2011-06-08 08:34 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-10-21 14:56 . 2013-03-19 11:33 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-10-21 14:56 . 2013-03-19 11:33 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-10-21 14:56 . 2011-06-08 08:34 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-10-21 14:56 . 2013-03-19 11:33 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-10-21 14:56 . 2013-10-12 09:53 35656 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-10-21 14:56 . 2011-06-08 08:34 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-10-21 14:56 . 2011-06-08 08:33 269216 ----a-w- c:\windows\system32\aswBoot.exe
2013-10-21 14:56 . 2011-02-25 11:27 43152 ----a-w- c:\windows\avastSS.scr
2013-10-13 11:42 . 2006-03-04 03:35 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-13 07:12 . 2004-08-18 10:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-10-13 07:12 . 2004-08-18 10:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-10-13 07:12 . 2004-08-18 10:00 18944 ----a-w- c:\windows\system32\corpol.dll
2013-10-13 06:57 . 2004-08-18 10:00 385024 ----a-w- c:\windows\system32\html.iec
2013-10-12 15:57 . 2004-08-18 10:00 279552 ----a-w- c:\windows\system32\oakley.dll
2013-10-10 08:29 . 2013-10-10 08:29 26624 ----a-w- c:\windows\system32\TrueSight.sys
2013-10-09 13:13 . 2004-08-18 10:00 287744 ----a-w- c:\windows\system32\gdi32.dll
2013-10-07 11:00 . 2004-08-18 10:00 606208 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 01:42 . 2008-05-05 05:25 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-09-24 10:53 . 2013-01-16 18:51 96216 ----a-w- c:\windows\system32\drivers\inspect.sys
2013-09-24 10:53 . 2013-01-16 18:51 30552 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2013-09-24 10:53 . 2013-01-16 18:51 15704 ----a-w- c:\windows\system32\drivers\cmderd.sys
2013-09-24 10:53 . 2013-01-24 21:43 354240 ----a-w- c:\windows\system32\guard32.dll
2013-09-24 10:53 . 2013-01-24 21:42 280792 ----a-w- c:\windows\system32\cmdvrt32.dll
2013-09-24 10:53 . 2013-01-24 21:42 40664 ----a-w- c:\windows\system32\cmdkbd32.dll
2002-12-19 15:49 . 2013-10-10 09:03 476 ----a-w- c:\program files\layout.bin
2002-06-19 13:26 . 2013-10-10 09:03 40960 ----a-w- c:\program files\AEEnable.exe
2002-04-22 11:40 . 2013-10-10 09:03 45056 ----a-w- c:\program files\adminchk.dll
2001-08-24 14:45 . 2013-10-10 09:03 61440 ----a-w- c:\program files\RemADI.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-10-21 14:55 321752 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\documents and settings\Administrator\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" [2013-09-29 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb06.exe" [2002-07-11 188416]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-10-21 3567800]
"Matrox PowerDesk SE"="c:\program files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe" [2010-02-11 4246784]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2013-11-11 1576152]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Timer Wizard.lnk - c:\program files\Timer Wizard\Timer Wizard.exe CMDARG_STRAY [2005-6-5 225280]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\VSO\\VSO Downloader\\2\\VsoDownloader.exe"=
"c:\\Program Files\\ICQ7M\\ICQ.exe"=
"c:\\Documents and Settings\\Administrator\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer_Service.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-09-05 171680]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-09-24 131288]
R3 GSService;GSService;c:\windows\system32\GSService.exe [2010-10-29 364544]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-10-21 774392]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-11-08 403440]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [2013-09-24 15704]
S1 cmdGuard;COMODO Internet Security Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2013-11-14 587864]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2013-09-24 30552]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-10-21 35656]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-10-21 70384]
S2 Matrox Centering Service;Matrox Centering Service;c:\program files\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe [2010-02-11 1266944]
S2 Matrox.Pdesk.ServicesHost;Matrox.Pdesk.ServicesHost;c:\program files\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe [2010-02-11 344832]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-07-16 35088]
S2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [2013-10-01 5087584]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 07:51]
.
2013-12-16 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-10-12 14:55]
.
2013-12-16 c:\windows\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
- c:\program files\COMODO\COMODO Internet Security\cfpconfg.exe [2013-01-24 14:58]
.
.
------- Doplňkový sken -------
.
mSearch Bar = hxxp://www.google.com/ie
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\Microsoft Office\OFFICE11\EXCEL.EXE/3000
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 46.30.232.3 217.168.208.20 217.168.208.21
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} - (no file)
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office Outlook 2003.lnk - c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\outicon.exe
MSConfigStartUp-mobilegeni daemon - c:\program files\Mobogenie\DaemonProcess.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-12-16 22:00
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1229272821-1960408961-839522115-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,1b,1c,7e,d2,f0,07,d6,40,95,f9,3a,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,42,78,b3,80,34,0f,c8,49,97,5d,67,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,bf,2d,f2,31,42,b3,0e,42,98,6f,99,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(908)
c:\windows\system32\MPR.dll
c:\windows\system32\guard32.dll
c:\windows\system32\mswsock.dll
c:\windows\System32\wshtcpip.dll
.
- - - - - - - > 'explorer.exe'(1700)
c:\windows\system32\guard32.dll
c:\windows\system32\MPR.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\WS2_32.dll
c:\windows\system32\WS2HELP.dll
c:\windows\system32\mswsock.dll
c:\windows\System32\wshtcpip.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
.
- - - - - - - > 'csrss.exe'(820)
c:\windows\system32\cmdcsr.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\mgabg.exe
c:\program files\Microsoft Office\OFFICE11\OUTLOOK.EXE
c:\program files\Timer Wizard\Timer Wizard.exe
c:\program files\Microsoft Office\OFFICE11\WINWORD.EXE
c:\program files\COMODO\COMODO Internet Security\cavwp.exe
c:\program files\COMODO\COMODO Internet Security\cis.exe
c:\program files\COMODO\COMODO Internet Security\cmdupd.exe
.
**************************************************************************
.
Celkový čas: 2013-12-16 22:42:28 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-12-16 21:42
.
Před spuštěním: Volných bajtů: 130 692 349 952
Po spuštění: Volných bajtů: 130 537 566 208
.
- - End Of File - - 1AAF87415D7AC65269C87CAF4E9996FD
413FC2A0C716421B3158746D63736515

Příspěvekod **jaro3** » 17 pro 2013 10:26

FW: avast! Internet Security *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

2 firewally..-

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
File::
c:\documents and settings\Administrator\Local Settings\Data aplikací\d3d9caps.tmp

Folder::
c:\documents and settings\Administrator\Local Settings\Data aplikací\Facebook\Update
c:\program files\Skype\Updater

DirLook::
c:\documents and settings\Administrator\Local Settings\Data aplikací\cache

Driver::
SkypeUpdate

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000000

RegLock::
[HKEY_USERS\S-1-5-21-1229272821-1960408961-839522115-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
 d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,1b,1c,7e,d2,f0,07,d6,40,95,f9,3a,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
 d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,42,78,b3,80,34,0f,c8,49,97,5d,67,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
 d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,bf,2d,f2,31,42,b3,0e,42,98,6f,99,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

guest · Příspěvekod **guest** » 17 pro 2013 10:31

Nevím proč to píše, ale free Avast Firewall nemá. Jdu na pokračování.

guest · Příspěvekod **guest** » 17 pro 2013 12:10

S tím ComboFixem se mi asi nedaří. Přetáhl jsem ten a CF hlásil že je prošlý a tak jsem potvrdil omezenou práci. Pak to nešlo vůbec.
Stáhl jsem tedy novou verzi, přetáhl script, ale asi se to nevyčistilo, jenom zkontrolovalo. Mám to s tím scriptem udělat zbovu?

CF:
ComboFix 13-12-16.01 - Administrator 17.12.2013 10:55:37.15.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1279.913 [GMT 1:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Administrator\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
FILE ::
"c:\documents and settings\Administrator\Local Settings\Data aplikací\d3d9caps.tmp"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SKYPEUPDATE
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-17 do 2013-12-17 )))))))))))))))))))))))))))))))
.
.
2013-12-16 11:52 . 2013-12-16 18:38 -------- d-----w- C:\AdwCleaner
2013-12-14 10:58 . 2013-12-14 10:58 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2013-12-14 10:57 . 2013-12-14 10:57 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\iSkysoft
2013-12-14 10:57 . 2013-12-14 10:57 -------- d-----w- c:\program files\Common Files\iSkysoft
2013-12-14 10:56 . 2013-12-14 10:58 -------- d-----w- c:\documents and settings\All Users\Data aplikací\iSkysoft Video Converter Ultimate
2013-12-14 10:56 . 2013-12-14 10:56 -------- d-----w- c:\program files\iSkysoft
2013-12-11 10:28 . 2013-12-11 10:28 -------- d-----w- c:\program files\Common Files\Java
2013-12-11 10:28 . 2013-12-11 10:28 145408 ----a-w- c:\windows\system32\javacpl.cpl
2013-12-11 10:28 . 2013-12-11 10:28 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-12-10 06:54 . 2013-12-10 06:55 -------- d-----w- c:\program files\iCare Data Recovery
2013-12-08 14:28 . 2013-12-08 15:46 -------- d-----r- C:\XXX
2013-12-05 09:25 . 2013-12-05 09:28 -------- d-----w- c:\program files\Paint.NET
2013-12-03 14:56 . 2013-12-10 20:03 74764 ----a-w- c:\windows\system32\drivers\fvstore.dat
2013-12-03 14:49 . 2013-12-03 14:49 -------- d-----w- C:\VTRoot
2013-12-03 14:34 . 2013-12-03 14:35 -------- d-s---w- c:\documents and settings\All Users\Data aplikací\Shared Space
2013-12-03 14:32 . 2013-12-03 14:33 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Comodo
2013-12-03 14:32 . 2013-12-03 14:32 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Comodo Downloader
2013-12-03 14:32 . 2013-12-03 14:32 -------- d-----w- c:\program files\COMODO
2013-11-29 13:18 . 2013-11-29 13:18 664 ----a-w- c:\documents and settings\Administrator\Local Settings\Data aplikací\d3d9caps.tmp
2013-11-24 15:48 . 2013-11-24 15:49 -------- d-----w- C:\RecConsole
2013-11-24 11:22 . 2013-11-24 11:26 -------- d-----w- C:\Zvuky wav
2013-11-23 20:53 . 2013-11-23 20:53 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\cache
2013-11-23 20:52 . 2013-11-23 20:54 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Mobogenie
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-11 07:51 . 2012-04-04 06:41 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-11 07:51 . 2011-05-24 07:00 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-14 11:38 . 2013-01-16 18:51 587864 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2013-11-14 11:38 . 2013-01-24 21:43 36000 ----a-w- c:\windows\system32\cmdcsr.dll
2013-11-08 15:36 . 2013-10-12 09:53 403440 ----a-w- c:\windows\system32\drivers\aswsp.sys
2013-10-21 14:56 . 2011-06-08 08:34 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-10-21 14:56 . 2013-03-19 11:33 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-10-21 14:56 . 2013-03-19 11:33 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-10-21 14:56 . 2011-06-08 08:34 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-10-21 14:56 . 2013-03-19 11:33 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-10-21 14:56 . 2013-10-12 09:53 35656 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-10-21 14:56 . 2011-06-08 08:34 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-10-21 14:56 . 2011-06-08 08:33 269216 ----a-w- c:\windows\system32\aswBoot.exe
2013-10-21 14:56 . 2011-02-25 11:27 43152 ----a-w- c:\windows\avastSS.scr
2013-10-13 11:42 . 2006-03-04 03:35 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-13 07:12 . 2004-08-18 10:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-10-13 07:12 . 2004-08-18 10:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-10-13 07:12 . 2004-08-18 10:00 18944 ----a-w- c:\windows\system32\corpol.dll
2013-10-13 06:57 . 2004-08-18 10:00 385024 ----a-w- c:\windows\system32\html.iec
2013-10-12 15:57 . 2004-08-18 10:00 279552 ----a-w- c:\windows\system32\oakley.dll
2013-10-10 08:29 . 2013-10-10 08:29 26624 ----a-w- c:\windows\system32\TrueSight.sys
2013-10-09 13:13 . 2004-08-18 10:00 287744 ----a-w- c:\windows\system32\gdi32.dll
2013-10-07 11:00 . 2004-08-18 10:00 606208 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 01:42 . 2008-05-05 05:25 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-09-24 10:53 . 2013-01-16 18:51 96216 ----a-w- c:\windows\system32\drivers\inspect.sys
2013-09-24 10:53 . 2013-01-16 18:51 30552 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2013-09-24 10:53 . 2013-01-16 18:51 15704 ----a-w- c:\windows\system32\drivers\cmderd.sys
2013-09-24 10:53 . 2013-01-24 21:43 354240 ----a-w- c:\windows\system32\guard32.dll
2013-09-24 10:53 . 2013-01-24 21:42 280792 ----a-w- c:\windows\system32\cmdvrt32.dll
2013-09-24 10:53 . 2013-01-24 21:42 40664 ----a-w- c:\windows\system32\cmdkbd32.dll
2002-12-19 15:49 . 2013-10-10 09:03 476 ----a-w- c:\program files\layout.bin
2002-06-19 13:26 . 2013-10-10 09:03 40960 ----a-w- c:\program files\AEEnable.exe
2002-04-22 11:40 . 2013-10-10 09:03 45056 ----a-w- c:\program files\adminchk.dll
2001-08-24 14:45 . 2013-10-10 09:03 61440 ----a-w- c:\program files\RemADI.exe
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\documents and settings\Administrator\Local Settings\Data aplikací\cache ----
.
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-10-21 14:55 321752 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb06.exe" [2002-07-11 188416]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-10-21 3567800]
"Matrox PowerDesk SE"="c:\program files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe" [2010-02-11 4246784]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2013-11-11 1576152]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Timer Wizard.lnk - c:\program files\Timer Wizard\Timer Wizard.exe CMDARG_STRAY [2005-6-5 225280]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\VSO\\VSO Downloader\\2\\VsoDownloader.exe"=
"c:\\Program Files\\ICQ7M\\ICQ.exe"=
"c:\\Documents and Settings\\Administrator\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer_Service.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-09-24 131288]
R3 GSService;GSService;c:\windows\system32\GSService.exe [2010-10-29 364544]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-10-21 774392]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-11-08 403440]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [2013-09-24 15704]
S1 cmdGuard;COMODO Internet Security Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2013-11-14 587864]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2013-09-24 30552]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-10-21 35656]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-10-21 70384]
S2 Matrox Centering Service;Matrox Centering Service;c:\program files\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe [2010-02-11 1266944]
S2 Matrox.Pdesk.ServicesHost;Matrox.Pdesk.ServicesHost;c:\program files\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe [2010-02-11 344832]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-07-16 35088]
S2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [2013-10-01 5087584]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 07:51]
.
2013-12-17 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-10-12 14:55]
.
2013-12-17 c:\windows\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
- c:\program files\COMODO\COMODO Internet Security\cfpconfg.exe [2013-01-24 14:58]
.
.
------- Doplňkový sken -------
.
mSearch Bar = hxxp://www.google.com/ie
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\Microsoft Office\OFFICE11\EXCEL.EXE/3000
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 46.30.232.3 217.168.208.20 217.168.208.21
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-12-17 11:16
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(904)
c:\windows\system32\MPR.dll
c:\windows\system32\guard32.dll
c:\windows\system32\mswsock.dll
c:\windows\System32\wshtcpip.dll
.
- - - - - - - > 'explorer.exe'(3464)
c:\windows\system32\guard32.dll
c:\windows\system32\MPR.dll
c:\windows\system32\WS2_32.dll
c:\windows\system32\WS2HELP.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\mswsock.dll
c:\windows\System32\wshtcpip.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
- - - - - - - > 'csrss.exe'(820)
c:\windows\system32\cmdcsr.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\mgabg.exe
c:\program files\Timer Wizard\Timer Wizard.exe
c:\program files\COMODO\COMODO Internet Security\cavwp.exe
c:\program files\COMODO\COMODO Internet Security\cis.exe
c:\windows\SoftwareDistribution\Download\d407fffe5d108edaa4b8a01325aec6bf\update\update.exe
.
**************************************************************************
.
Celkový čas: 2013-12-17 12:03:47 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-12-17 11:03
ComboFix2.txt 2013-12-16 21:42
.
Před spuštěním: Volných bajtů: 130 324 316 160
Po spuštění: Volných bajtů: 130 032 414 720
.
- - End Of File - - F79A238D8574213B24FB8E2744339BF8
413FC2A0C716421B3158746D63736515

Prosím o kontrolo logu Vyřešeno

Prosím o kontrolo logu

Re: Prosím o kontrolo logu

Re: Prosím o kontrolo logu

Re: Prosím o kontrolo logu

Re: Prosím o kontrolo logu

Re: Prosím o kontrolo logu

Re: Prosím o kontrolo logu

Re: Prosím o kontrolo logu

Re: Prosím o kontrolo logu

Re: Prosím o kontrolo logu

Re: Prosím o kontrolo logu

Re: Prosím o kontrolo logu

Kdo je online