Prosím o kontrolu logu z notebooku Vyřešeno

[Airm]

Dobrý den chtěl jsem vás požádat o zkontrolování logu mého notebooku protože už 3 den při surfování na internetu se začne zpomalovat celý počítač. Pročistil jsem PC CCleanerem ale nepomohlo.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:15:13, on 24.6.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\igfxsrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Microsoft\BingBar\7.1.362.0\SeaPort.exe
C:\Documents and Settings\Ja\Dokumenty\Downloads\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.362.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\7.1.362.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe -update activex
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: Antiwpa - antiwpa.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe

--
End of file - 5173 bytes

[Reklama]

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\7.1.362.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe -update activex

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

Po vyčištění si nainstaluj nějaký free firewall.

[Airm]

Používám Avira ... to snad stačí né ?

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.61.0.1400
http://www.malwarebytes.org

Verze databáze: v2012.06.25.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Ja :: NOTEBOOK [administrátor]

Ochrana: Povolena

25.6.2012 10:21:23
mbam-log-2012-06-25 (10-24-21).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 180457
Uplynulý čas: 2 minut, 10 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 1
C:\WINDOWS\system32\antiwpa.dll (PUP.Wpakill) -> Žádná instrukce nebyla provedena.

Nalezené klíče v registru: 2
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Antiwpa (PUP.Wpakill) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Antiwpa (Trojan.I.Stole.Windows) -> Žádná instrukce nebyla provedena.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 2
C:\WINDOWS\system32\antiwpa.dll (PUP.Wpakill) -> Žádná instrukce nebyla provedena.
C:\WINDOWS\system32\antiwpa.dll (Trojan.I.Stole.Windows) -> Žádná instrukce nebyla provedena.

(konec)

[jaro3]

Avira free nemá firewall...

. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujisti se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Můžeš sem pak vložit nový log z MbAM.


Stáhni si TDSSKiller

Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Fixni si ještě v HJT:

Kód: Vybrat vše

O20 - Winlogon Notify: Antiwpa - antiwpa.dll (file missing)

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[Airm]

22:45:08.0625 3216 TDSS rootkit removing tool 2.7.43.0 Jun 29 2012 17:54:22
22:45:08.0937 3216 ============================================================
22:45:08.0937 3216 Current date / time: 2012/07/01 22:45:08.0937
22:45:08.0937 3216 SystemInfo:
22:45:08.0937 3216
22:45:08.0937 3216 OS Version: 5.1.2600 ServicePack: 3.0
22:45:08.0937 3216 Product type: Workstation
22:45:08.0937 3216 ComputerName: NOTEBOOK
22:45:08.0937 3216 UserName: Ja
22:45:08.0937 3216 Windows directory: C:\WINDOWS
22:45:08.0937 3216 System windows directory: C:\WINDOWS
22:45:08.0937 3216 Processor architecture: Intel x86
22:45:08.0937 3216 Number of processors: 2
22:45:08.0937 3216 Page size: 0x1000
22:45:08.0937 3216 Boot type: Normal boot
22:45:08.0937 3216 ============================================================
22:45:11.0187 3216 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:45:11.0187 3216 ============================================================
22:45:11.0187 3216 \Device\Harddisk0\DR0:
22:45:11.0187 3216 MBR partitions:
22:45:11.0187 3216 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x30D3C74
22:45:11.0203 3216 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x30D3CF2, BlocksNum 0x643690E
22:45:11.0203 3216 ============================================================
22:45:11.0234 3216 C: <-> \Device\Harddisk0\DR0\Partition0
22:45:11.0312 3216 D: <-> \Device\Harddisk0\DR0\Partition1
22:45:11.0328 3216 ============================================================
22:45:11.0328 3216 Initialize success
22:45:11.0328 3216 ============================================================
22:45:13.0890 2672 ============================================================
22:45:13.0890 2672 Scan started
22:45:13.0890 2672 Mode: Manual;
22:45:13.0890 2672 ============================================================
22:45:14.0890 2672 Abiosdsk - ok
22:45:14.0906 2672 abp480n5 - ok
22:45:14.0937 2672 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:45:14.0953 2672 ACPI - ok
22:45:14.0968 2672 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
22:45:14.0968 2672 ACPIEC - ok
22:45:15.0000 2672 ADIHdAudAddService (4e12c97cbfe99be15d7680918f9899ec) C:\WINDOWS\system32\drivers\ADIHdAud.sys
22:45:15.0000 2672 ADIHdAudAddService - ok
22:45:15.0093 2672 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:45:15.0093 2672 AdobeFlashPlayerUpdateSvc - ok
22:45:15.0109 2672 adpu160m - ok
22:45:15.0140 2672 AEAudio (fff87a9b1ab36ee4b7bec98a4cb01b79) C:\WINDOWS\system32\drivers\AEAudio.sys
22:45:15.0140 2672 AEAudio - ok
22:45:15.0203 2672 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
22:45:15.0203 2672 aec - ok
22:45:15.0250 2672 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
22:45:15.0250 2672 AFD - ok
22:45:15.0265 2672 Aha154x - ok
22:45:15.0265 2672 aic78u2 - ok
22:45:15.0281 2672 aic78xx - ok
22:45:15.0343 2672 ALG (88842de939a827577bf24243699ac80a) C:\WINDOWS\System32\alg.exe
22:45:15.0343 2672 ALG - ok
22:45:15.0359 2672 AliIde - ok
22:45:15.0359 2672 amsint - ok
22:45:15.0656 2672 AntiVirSchedulerService (0a1cc583e8147004e4ad4625d7fbf88c) C:\Program Files\Avira\AntiVir Desktop\sched.exe
22:45:15.0656 2672 AntiVirSchedulerService - ok
22:45:15.0781 2672 AntiVirService (c9a36ef935aced86aedf93e97e606911) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
22:45:15.0796 2672 AntiVirService - ok
22:45:15.0796 2672 AppMgmt - ok
22:45:15.0843 2672 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
22:45:15.0843 2672 Arp1394 - ok
22:45:15.0843 2672 asc - ok
22:45:15.0843 2672 asc3350p - ok
22:45:15.0859 2672 asc3550 - ok
22:45:15.0875 2672 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:45:15.0875 2672 AsyncMac - ok
22:45:15.0906 2672 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
22:45:15.0906 2672 atapi - ok
22:45:15.0906 2672 Atdisk - ok
22:45:15.0937 2672 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:45:15.0937 2672 Atmarpc - ok
22:45:15.0953 2672 AudioSrv (de31b88962a8645dba5a37b993e7b0f1) C:\WINDOWS\System32\audiosrv.dll
22:45:15.0953 2672 AudioSrv - ok
22:45:15.0984 2672 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
22:45:15.0984 2672 audstub - ok
22:45:16.0000 2672 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
22:45:16.0000 2672 avgntflt - ok
22:45:16.0062 2672 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\WINDOWS\system32\DRIVERS\avipbb.sys
22:45:16.0062 2672 avipbb - ok
22:45:16.0078 2672 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
22:45:16.0078 2672 avkmgr - ok
22:45:16.0156 2672 BBSvc (47480f4260dae9aa589bcaf924b3767a) C:\Program Files\Microsoft\BingBar\7.1.362.0\BBSvc.exe
22:45:16.0156 2672 BBSvc - ok
22:45:16.0203 2672 BBUpdate (6bf743cbf3bcd09dab79245e60e1ae62) C:\Program Files\Microsoft\BingBar\7.1.362.0\SeaPort.exe
22:45:16.0203 2672 BBUpdate - ok
22:45:16.0265 2672 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
22:45:16.0265 2672 Beep - ok
22:45:16.0328 2672 BITS (19395d092fd85ddc2d9c7729cf5a2ac8) C:\WINDOWS\System32\qmgr.dll
22:45:16.0343 2672 BITS - ok
22:45:16.0375 2672 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
22:45:16.0375 2672 cbidf2k - ok
22:45:16.0375 2672 cd20xrnt - ok
22:45:16.0390 2672 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
22:45:16.0390 2672 Cdaudio - ok
22:45:16.0421 2672 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
22:45:16.0421 2672 Cdfs - ok
22:45:16.0453 2672 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:45:16.0453 2672 Cdrom - ok
22:45:16.0453 2672 Changer - ok
22:45:16.0484 2672 CiSvc (e390dc1d7c461d7d56ec53402f329928) C:\WINDOWS\system32\cisvc.exe
22:45:16.0484 2672 CiSvc - ok
22:45:16.0484 2672 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\WINDOWS\system32\clipsrv.exe
22:45:16.0484 2672 ClipSrv - ok
22:45:16.0515 2672 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
22:45:16.0515 2672 CmBatt - ok
22:45:16.0515 2672 CmdIde - ok
22:45:16.0531 2672 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
22:45:16.0531 2672 Compbatt - ok
22:45:16.0546 2672 COMSysApp - ok
22:45:16.0546 2672 Cpqarray - ok
22:45:16.0562 2672 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\WINDOWS\System32\cryptsvc.dll
22:45:16.0562 2672 CryptSvc - ok
22:45:16.0578 2672 dac2w2k - ok
22:45:16.0578 2672 dac960nt - ok
22:45:16.0656 2672 DcomLaunch (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
22:45:16.0656 2672 DcomLaunch - ok
22:45:16.0671 2672 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\WINDOWS\System32\dhcpcsvc.dll
22:45:16.0671 2672 Dhcp - ok
22:45:16.0687 2672 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
22:45:16.0687 2672 Disk - ok
22:45:16.0687 2672 dmadmin - ok
22:45:16.0765 2672 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
22:45:16.0781 2672 dmboot - ok
22:45:16.0828 2672 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
22:45:16.0828 2672 dmio - ok
22:45:16.0875 2672 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
22:45:16.0875 2672 dmload - ok
22:45:16.0906 2672 dmserver (2bfefe9e865655a76982f050450b9591) C:\WINDOWS\System32\dmserver.dll
22:45:16.0906 2672 dmserver - ok
22:45:16.0937 2672 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
22:45:16.0937 2672 DMusic - ok
22:45:16.0968 2672 Dnscache (dfaa406bf19f4ee806a6f8d4342137f7) C:\WINDOWS\System32\dnsrslvr.dll
22:45:16.0968 2672 Dnscache - ok
22:45:17.0031 2672 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\WINDOWS\System32\dot3svc.dll
22:45:17.0031 2672 Dot3svc - ok
22:45:17.0031 2672 dpti2o - ok
22:45:17.0046 2672 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
22:45:17.0046 2672 drmkaud - ok
22:45:17.0125 2672 dtsoftbus01 (687af6bb383885ff6a64071b189a7f3e) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
22:45:17.0125 2672 dtsoftbus01 - ok
22:45:17.0156 2672 eabfiltr (b5cb3084046146fd2587d8c9b219feb4) C:\WINDOWS\system32\DRIVERS\eabfiltr.sys
22:45:17.0156 2672 eabfiltr - ok
22:45:17.0156 2672 eabusb (231f4547ae1e4b3e60eca66c3a96d218) C:\WINDOWS\system32\DRIVERS\eabusb.sys
22:45:17.0156 2672 eabusb - ok
22:45:17.0187 2672 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\WINDOWS\System32\eapsvc.dll
22:45:17.0203 2672 EapHost - ok
22:45:17.0234 2672 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\WINDOWS\System32\ersvc.dll
22:45:17.0234 2672 ERSvc - ok
22:45:17.0281 2672 Eventlog (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
22:45:17.0296 2672 Eventlog - ok
22:45:17.0359 2672 EventSystem (a371f11ef07653591c8de26afb13ce7f) C:\WINDOWS\System32\es.dll
22:45:17.0359 2672 EventSystem - ok
22:45:17.0406 2672 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
22:45:17.0406 2672 Fastfat - ok
22:45:17.0453 2672 FastUserSwitchingCompatibility (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
22:45:17.0453 2672 FastUserSwitchingCompatibility - ok
22:45:17.0468 2672 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
22:45:17.0468 2672 Fdc - ok
22:45:17.0484 2672 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
22:45:17.0484 2672 Fips - ok
22:45:17.0500 2672 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
22:45:17.0500 2672 Flpydisk - ok
22:45:17.0546 2672 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
22:45:17.0546 2672 FltMgr - ok
22:45:17.0578 2672 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:45:17.0578 2672 Fs_Rec - ok
22:45:17.0609 2672 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:45:17.0609 2672 Ftdisk - ok
22:45:17.0640 2672 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:45:17.0640 2672 Gpc - ok
22:45:17.0671 2672 HBtnKey (4d4d97671c63c3af869b3518e6054204) C:\WINDOWS\system32\DRIVERS\cpqbttn.sys
22:45:17.0671 2672 HBtnKey - ok
22:45:17.0687 2672 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:45:17.0687 2672 HDAudBus - ok
22:45:17.0765 2672 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
22:45:17.0765 2672 helpsvc - ok
22:45:17.0765 2672 HidServ - ok
22:45:17.0781 2672 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:45:17.0781 2672 hidusb - ok
22:45:17.0828 2672 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\WINDOWS\System32\kmsvc.dll
22:45:17.0828 2672 hkmsvc - ok
22:45:17.0843 2672 hpn - ok
22:45:17.0859 2672 HpqKbFiltr (35956140e686d53bf676cf0c778880fc) C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys
22:45:17.0859 2672 HpqKbFiltr - ok
22:45:17.0906 2672 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
22:45:17.0906 2672 HPZid412 - ok
22:45:17.0921 2672 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
22:45:17.0921 2672 HPZipr12 - ok
22:45:17.0921 2672 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
22:45:17.0921 2672 HPZius12 - ok
22:45:17.0953 2672 HSFHWAZL (3c01c18b866488fb6cc4e7d5472986a0) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
22:45:17.0968 2672 HSFHWAZL - ok
22:45:18.0109 2672 HSF_DPV (0d7d34441e37e4a41b61cff0cbca1e3d) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
22:45:18.0125 2672 HSF_DPV - ok
22:45:18.0171 2672 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
22:45:18.0171 2672 HTTP - ok
22:45:18.0234 2672 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
22:45:18.0234 2672 HTTPFilter - ok
22:45:18.0234 2672 i2omgmt - ok
22:45:18.0250 2672 i2omp - ok
22:45:18.0281 2672 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:45:18.0296 2672 i8042prt - ok
22:45:18.0812 2672 ialm (42caa789a21014aa809a8ff59b3ccfd9) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
22:45:18.0859 2672 ialm - ok
22:45:19.0062 2672 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:45:19.0062 2672 Imapi - ok
22:45:19.0093 2672 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\System32\imapi.exe
22:45:19.0093 2672 ImapiService - ok
22:45:19.0093 2672 ini910u - ok
22:45:19.0109 2672 IntelIde - ok
22:45:19.0156 2672 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:45:19.0156 2672 intelppm - ok
22:45:19.0171 2672 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
22:45:19.0171 2672 ip6fw - ok
22:45:19.0218 2672 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:45:19.0218 2672 IpFilterDriver - ok
22:45:19.0250 2672 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:45:19.0250 2672 IpInIp - ok
22:45:19.0281 2672 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:45:19.0281 2672 IpNat - ok
22:45:19.0312 2672 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:45:19.0312 2672 IPSec - ok
22:45:19.0343 2672 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:45:19.0343 2672 IRENUM - ok
22:45:19.0359 2672 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:45:19.0375 2672 isapnp - ok
22:45:19.0406 2672 ixooy (e6d35f3aa51a65eb35c1f2340154a25e) C:\WINDOWS\system32\drivers\fvnyvrm.sys
22:45:19.0406 2672 ixooy - ok
22:45:19.0531 2672 JavaQuickStarterService (5472d771c0197355c1d347f20392b982) C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
22:45:19.0531 2672 JavaQuickStarterService - ok
22:45:19.0562 2672 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:45:19.0562 2672 Kbdclass - ok
22:45:19.0593 2672 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:45:19.0593 2672 kbdhid - ok
22:45:19.0625 2672 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:45:19.0625 2672 kmixer - ok
22:45:19.0656 2672 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
22:45:19.0656 2672 KSecDD - ok
22:45:19.0703 2672 lanmanserver (3428e8f86f8add36b42fb23542c7b3e4) C:\WINDOWS\System32\srvsvc.dll
22:45:19.0703 2672 lanmanserver - ok
22:45:19.0718 2672 lbrtfdc - ok
22:45:19.0750 2672 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
22:45:19.0750 2672 LmHosts - ok
22:45:19.0796 2672 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys
22:45:19.0796 2672 MBAMProtector - ok
22:45:19.0890 2672 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
22:45:19.0906 2672 MBAMService - ok
22:45:19.0953 2672 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
22:45:19.0953 2672 mdmxsdk - ok
22:45:20.0000 2672 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:45:20.0000 2672 mnmdd - ok
22:45:20.0031 2672 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\System32\mnmsrvc.exe
22:45:20.0031 2672 mnmsrvc - ok
22:45:20.0062 2672 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
22:45:20.0062 2672 Modem - ok
22:45:20.0078 2672 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:45:20.0078 2672 Mouclass - ok
22:45:20.0109 2672 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:45:20.0109 2672 mouhid - ok
22:45:20.0125 2672 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:45:20.0125 2672 MountMgr - ok
22:45:20.0125 2672 mraid35x - ok
22:45:20.0187 2672 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:45:20.0187 2672 MRxDAV - ok
22:45:20.0187 2672 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\System32\msdtc.exe
22:45:20.0187 2672 MSDTC - ok
22:45:20.0218 2672 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:45:20.0218 2672 Msfs - ok
22:45:20.0218 2672 MSIServer - ok
22:45:20.0234 2672 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:45:20.0250 2672 MSKSSRV - ok
22:45:20.0250 2672 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:45:20.0250 2672 MSPCLOCK - ok
22:45:20.0265 2672 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:45:20.0265 2672 MSPQM - ok
22:45:20.0312 2672 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:45:20.0312 2672 mssmbios - ok
22:45:20.0343 2672 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:45:20.0343 2672 Mup - ok
22:45:20.0406 2672 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
22:45:20.0406 2672 napagent - ok
22:45:20.0437 2672 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:45:20.0437 2672 NDIS - ok
22:45:20.0484 2672 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:45:20.0500 2672 NdisTapi - ok
22:45:20.0500 2672 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:45:20.0500 2672 Ndisuio - ok
22:45:20.0515 2672 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:45:20.0515 2672 NdisWan - ok
22:45:20.0562 2672 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:45:20.0562 2672 NDProxy - ok
22:45:20.0609 2672 Net Driver HPZ12 (a081cb6fb9a12668f233eb5414be3a0e) C:\WINDOWS\system32\HPZinw12.dll
22:45:20.0625 2672 Net Driver HPZ12 - ok
22:45:20.0671 2672 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:45:20.0687 2672 NetBT - ok
22:45:20.0718 2672 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
22:45:20.0734 2672 NetDDE - ok
22:45:20.0734 2672 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
22:45:20.0734 2672 NetDDEdsdm - ok
22:45:20.0781 2672 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
22:45:20.0781 2672 Netman - ok
22:45:21.0109 2672 NETw5x32 (a3b69acd14051ae87ab9e1823a508b6d) C:\WINDOWS\system32\DRIVERS\NETw5x32.sys
22:45:21.0156 2672 NETw5x32 - ok
22:45:21.0343 2672 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
22:45:21.0343 2672 NIC1394 - ok
22:45:21.0390 2672 Nla (39ee7c3bfbc64ba87cc8cf67386e814c) C:\WINDOWS\System32\mswsock.dll
22:45:21.0406 2672 Nla - ok
22:45:21.0421 2672 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:45:21.0421 2672 Npfs - ok
22:45:21.0468 2672 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:45:21.0468 2672 Ntfs - ok
22:45:21.0546 2672 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
22:45:21.0546 2672 NtmsSvc - ok
22:45:21.0593 2672 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:45:21.0593 2672 Null - ok
22:45:21.0640 2672 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:45:21.0640 2672 NwlnkFlt - ok
22:45:21.0640 2672 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:45:21.0640 2672 NwlnkFwd - ok
22:45:21.0671 2672 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
22:45:21.0671 2672 ohci1394 - ok
22:45:21.0703 2672 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\drivers\Parport.sys
22:45:21.0703 2672 Parport - ok
22:45:21.0703 2672 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:45:21.0703 2672 PartMgr - ok
22:45:21.0718 2672 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
22:45:21.0718 2672 ParVdm - ok
22:45:21.0750 2672 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
22:45:21.0750 2672 PCI - ok
22:45:21.0750 2672 PCIDump - ok
22:45:21.0765 2672 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:45:21.0765 2672 PCIIde - ok
22:45:21.0796 2672 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
22:45:21.0796 2672 Pcmcia - ok
22:45:21.0796 2672 PDCOMP - ok
22:45:21.0812 2672 PDFRAME - ok
22:45:21.0812 2672 PDRELI - ok
22:45:21.0812 2672 PDRFRAME - ok
22:45:21.0828 2672 perc2 - ok
22:45:21.0828 2672 perc2hib - ok
22:45:21.0906 2672 PlugPlay (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
22:45:21.0906 2672 PlugPlay - ok
22:45:21.0953 2672 Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\WINDOWS\system32\HPZipm12.dll
22:45:21.0953 2672 Pml Driver HPZ12 - ok
22:45:21.0968 2672 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\System32\lsass.exe
22:45:21.0968 2672 PolicyAgent - ok
22:45:22.0000 2672 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:45:22.0000 2672 PptpMiniport - ok
22:45:22.0015 2672 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
22:45:22.0015 2672 Processor - ok
22:45:22.0015 2672 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
22:45:22.0015 2672 ProtectedStorage - ok
22:45:22.0031 2672 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:45:22.0031 2672 PSched - ok
22:45:22.0046 2672 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:45:22.0046 2672 Ptilink - ok
22:45:22.0062 2672 ql1080 - ok
22:45:22.0062 2672 Ql10wnt - ok
22:45:22.0062 2672 ql12160 - ok
22:45:22.0078 2672 ql1240 - ok
22:45:22.0078 2672 ql1280 - ok
22:45:22.0093 2672 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:45:22.0093 2672 RasAcd - ok
22:45:22.0140 2672 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
22:45:22.0140 2672 RasAuto - ok
22:45:22.0156 2672 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:45:22.0156 2672 Rasl2tp - ok
22:45:22.0203 2672 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
22:45:22.0218 2672 RasMan - ok
22:45:22.0218 2672 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:45:22.0218 2672 RasPppoe - ok
22:45:22.0250 2672 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:45:22.0250 2672 Raspti - ok
22:45:22.0250 2672 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:45:22.0250 2672 RDPCDD - ok
22:45:22.0312 2672 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
22:45:22.0312 2672 RDPWD - ok
22:45:22.0359 2672 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
22:45:22.0359 2672 RDSessMgr - ok
22:45:22.0406 2672 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:45:22.0406 2672 redbook - ok
22:45:22.0437 2672 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
22:45:22.0437 2672 RemoteAccess - ok
22:45:22.0515 2672 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
22:45:22.0515 2672 RpcSs - ok
22:45:22.0562 2672 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\System32\rsvp.exe
22:45:22.0562 2672 RSVP - ok
22:45:22.0562 2672 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
22:45:22.0562 2672 SamSs - ok
22:45:22.0593 2672 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
22:45:22.0593 2672 SCardSvr - ok
22:45:22.0640 2672 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
22:45:22.0640 2672 Schedule - ok
22:45:22.0687 2672 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
22:45:22.0687 2672 sdbus - ok
22:45:22.0703 2672 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:45:22.0703 2672 Secdrv - ok
22:45:22.0734 2672 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
22:45:22.0734 2672 seclogon - ok
22:45:22.0750 2672 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
22:45:22.0750 2672 SENS - ok
22:45:22.0765 2672 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\drivers\Serial.sys
22:45:22.0765 2672 Serial - ok
22:45:22.0781 2672 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:45:22.0781 2672 Sfloppy - ok
22:45:22.0828 2672 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
22:45:22.0843 2672 SharedAccess - ok
22:45:22.0890 2672 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
22:45:22.0890 2672 ShellHWDetection - ok
22:45:22.0906 2672 Simbad - ok
22:45:22.0906 2672 Sparrow - ok
22:45:22.0953 2672 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:45:22.0953 2672 splitter - ok
22:45:22.0984 2672 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
22:45:22.0984 2672 Spooler - ok
22:45:23.0015 2672 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
22:45:23.0015 2672 sr - ok
22:45:23.0046 2672 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\System32\srsvc.dll
22:45:23.0046 2672 srservice - ok
22:45:23.0109 2672 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:45:23.0125 2672 Srv - ok
22:45:23.0140 2672 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
22:45:23.0156 2672 SSDPSRV - ok
22:45:23.0187 2672 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
22:45:23.0203 2672 ssmdrv - ok
22:45:23.0250 2672 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
22:45:23.0265 2672 stisvc - ok
22:45:23.0281 2672 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:45:23.0281 2672 swenum - ok
22:45:23.0296 2672 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:45:23.0296 2672 swmidi - ok
22:45:23.0296 2672 SwPrv - ok
22:45:23.0312 2672 symc810 - ok
22:45:23.0312 2672 symc8xx - ok
22:45:23.0312 2672 sym_hi - ok
22:45:23.0328 2672 sym_u3 - ok
22:45:23.0328 2672 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:45:23.0343 2672 sysaudio - ok
22:45:23.0359 2672 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
22:45:23.0359 2672 SysmonLog - ok
22:45:23.0406 2672 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
22:45:23.0406 2672 TapiSrv - ok
22:45:23.0468 2672 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:45:23.0468 2672 Tcpip - ok
22:45:23.0500 2672 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:45:23.0500 2672 TDPIPE - ok
22:45:23.0515 2672 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:45:23.0515 2672 TDTCP - ok
22:45:23.0531 2672 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:45:23.0531 2672 TermDD - ok
22:45:23.0562 2672 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
22:45:23.0578 2672 TermService - ok
22:45:23.0625 2672 Themes (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
22:45:23.0625 2672 Themes - ok
22:45:23.0625 2672 TosIde - ok
22:45:23.0671 2672 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
22:45:23.0671 2672 TrkWks - ok
22:45:23.0687 2672 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:45:23.0703 2672 Udfs - ok
22:45:23.0703 2672 ultra - ok
22:45:23.0750 2672 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:45:23.0750 2672 Update - ok
22:45:23.0781 2672 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
22:45:23.0781 2672 upnphost - ok
22:45:23.0812 2672 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
22:45:23.0812 2672 UPS - ok
22:45:23.0843 2672 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:45:23.0843 2672 usbccgp - ok
22:45:23.0890 2672 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:45:23.0890 2672 usbehci - ok
22:45:23.0906 2672 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:45:23.0906 2672 usbhub - ok
22:45:23.0953 2672 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:45:23.0953 2672 usbprint - ok
22:45:23.0968 2672 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:45:23.0968 2672 usbscan - ok
22:45:24.0000 2672 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:45:24.0000 2672 USBSTOR - ok
22:45:24.0015 2672 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:45:24.0015 2672 usbuhci - ok
22:45:24.0031 2672 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:45:24.0031 2672 VgaSave - ok
22:45:24.0046 2672 ViaIde - ok
22:45:24.0046 2672 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
22:45:24.0046 2672 VolSnap - ok
22:45:24.0109 2672 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
22:45:24.0109 2672 VSS - ok
22:45:24.0140 2672 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\System32\w32time.dll
22:45:24.0156 2672 W32Time - ok
22:45:24.0203 2672 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:45:24.0203 2672 Wanarp - ok
22:45:24.0281 2672 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
22:45:24.0296 2672 Wdf01000 - ok
22:45:24.0296 2672 WDICA - ok
22:45:24.0359 2672 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:45:24.0359 2672 wdmaud - ok
22:45:24.0390 2672 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
22:45:24.0390 2672 WebClient - ok
22:45:24.0484 2672 winachsf (bb62e6fadcfe4096151103ac4b07f1ed) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
22:45:24.0484 2672 winachsf - ok
22:45:24.0562 2672 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
22:45:24.0562 2672 winmgmt - ok
22:45:24.0593 2672 WmdmPmSN (6199b2ae3f9db9cb6db230471a1dc601) C:\WINDOWS\System32\mspmsnsv.dll
22:45:24.0609 2672 WmdmPmSN - ok
22:45:24.0640 2672 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
22:45:24.0640 2672 WmiAcpi - ok
22:45:24.0671 2672 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\System32\wbem\wmiapsrv.exe
22:45:24.0671 2672 WmiApSrv - ok
22:45:24.0734 2672 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
22:45:24.0734 2672 wscsvc - ok
22:45:24.0765 2672 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
22:45:24.0765 2672 wuauserv - ok
22:45:24.0843 2672 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
22:45:24.0843 2672 WZCSVC - ok
22:45:24.0890 2672 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
22:45:24.0890 2672 xmlprov - ok
22:45:24.0921 2672 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
22:45:25.0406 2672 \Device\Harddisk0\DR0 - ok
22:45:25.0406 2672 Boot (0x1200) (284539773a05310368c79f41e35ccf87) \Device\Harddisk0\DR0\Partition0
22:45:25.0406 2672 \Device\Harddisk0\DR0\Partition0 - ok
22:45:25.0421 2672 Boot (0x1200) (8112dc39a9ef9aa7530602e69e59042e) \Device\Harddisk0\DR0\Partition1
22:45:25.0421 2672 \Device\Harddisk0\DR0\Partition1 - ok
22:45:25.0421 2672 ============================================================
22:45:25.0421 2672 Scan finished
22:45:25.0421 2672 ============================================================
22:45:25.0437 0156 Detected object count: 0
22:45:25.0437 0156 Actual detected object count: 0

[Airm]

ComboFix 12-07-02.01 - Ja 02.07.2012 15:34:41.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.999.463 [GMT 2:00]
Spuštěný z: c:\documents and settings\Ja\Plocha\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\spool\prtprocs\w32x86\hpfpp70v.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-02 do 2012-07-02 )))))))))))))))))))))))))))))))
.
.
2012-07-02 13:25 . 2012-07-02 13:25 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Office Genuine Advantage
2012-07-02 13:24 . 2011-01-06 16:41 60416 ----a-w- c:\windows\system32\antiwpa.dll
2012-07-02 12:43 . 2012-07-02 12:44 -------- d-----w- c:\documents and settings\Administrator
2012-07-01 19:36 . 2012-07-01 19:36 -------- d-----w- c:\program files\Atari
2012-07-01 19:34 . 2012-07-01 19:34 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-07-01 19:34 . 2012-07-01 19:35 -------- d-----w- c:\documents and settings\Ja\Data aplikací\DAEMON Tools Lite
2012-07-01 19:34 . 2012-07-01 19:34 -------- d-----w- c:\program files\DAEMON Tools Lite
2012-07-01 19:33 . 2012-07-01 19:35 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DAEMON Tools Lite
2012-06-25 08:10 . 2012-06-25 08:10 -------- d-----w- c:\documents and settings\Ja\Data aplikací\Malwarebytes
2012-06-25 08:10 . 2012-06-25 08:10 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-06-25 08:10 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-25 08:10 . 2012-06-25 08:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-06-12 22:11 . 2012-05-11 14:44 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2012-06-09 20:22 . 2012-06-09 20:22 -------- d-----w- c:\documents and settings\Ja\Data aplikací\Playrix Entertainment
2012-06-09 20:22 . 2012-06-09 20:22 -------- d-----w- c:\documents and settings\All Users\Data aplikacĂ­
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-23 20:37 . 2012-04-26 10:19 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-23 20:37 . 2012-03-09 20:14 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-02 13:19 . 2009-08-06 18:24 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2009-08-06 18:24 22552 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2012-03-09 15:56 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2012-03-09 15:56 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2012-03-09 15:56 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2012-03-09 15:56 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2012-03-09 15:02 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2009-08-06 18:24 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2009-08-06 18:24 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2009-08-06 18:24 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2002-09-23 12:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2012-03-09 15:56 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2012-03-09 15:02 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-05-31 13:22 . 2002-09-23 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2012-05-16 15:09 . 2002-09-23 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 13:55 . 2002-09-23 12:00 1863168 ----a-w- c:\windows\system32\win32k.sys
2012-05-11 14:44 . 2002-09-23 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2012-05-11 14:44 . 2002-09-23 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-05-11 11:38 . 2012-03-09 15:56 385024 ------w- c:\windows\system32\html.iec
2012-05-08 18:42 . 2012-05-08 18:42 772552 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-05-08 17:55 . 2012-03-09 18:08 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-05-08 17:55 . 2012-03-09 18:08 137928 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-05-05 03:14 . 2002-09-23 12:00 2150400 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-05 03:14 . 2002-09-20 17:12 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46 . 2012-03-09 15:02 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-04 16:47 . 2012-05-08 18:42 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-04-04 16:47 . 2012-05-08 18:42 687504 ----a-w- c:\windows\system32\deployJava1.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\System32\igfxtray.exe" [2007-12-20 141848]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2007-12-20 166424]
"Persistence"="c:\windows\System32\igfxpers.exe" [2007-12-20 137752]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-05-08 348624]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [1.7.2012 21:34 242240]
S1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [9.3.2012 20:08 36000]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [9.3.2012 20:08 86224]
S2 BBSvc;BingBar Service;c:\program files\Microsoft\BingBar\7.1.362.0\BBSvc.EXE [13.2.2012 22:19 193816]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [25.6.2012 10:10 654408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [26.4.2012 12:19 250056]
S3 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\7.1.362.0\SeaPort.EXE [13.2.2012 22:19 240408]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [25.6.2012 10:10 22344]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MDMXSDK
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-26 20:37]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
TCP: DhcpNameServer = 10.0.0.138
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-02 15:48
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2012-07-02 15:53:09 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-02 13:53
.
Před spuštěním: Volných bajtů: 11 457 343 488
Po spuštění: Volných bajtů: 11 490 611 200
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
.
- - End Of File - - ADBF7D54BF27846A79F6590D50F766E1

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj antivir a antispyware ,následně T-Cleaner smaž a zapni si znovu antivir a antispyware.


že by sis pořídil legální systém?

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Napiš , jak to vypadá nyní.

[Airm]

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-02 20:29:03
-----------------------------
20:29:03.781 OS Version: Windows 5.1.2600 Service Pack 3
20:29:03.781 Number of processors: 2 586 0xF0D
20:29:03.781 ComputerName: NOTEBOOK UserName: Ja
20:29:04.562 Initialize success
20:29:08.578 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-8
20:29:08.578 Disk 0 Vendor: TOSHIBA_MK8009GAH BS021C Size: 76319MB BusType: 3
20:29:08.609 Disk 0 MBR read successfully
20:29:08.609 Disk 0 MBR scan
20:29:08.609 Disk 0 Windows XP default MBR code
20:29:08.609 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 24999 MB offset 63
20:29:08.609 Disk 0 Partition - 00 0F Extended LBA 51309 MB offset 51199155
20:29:08.625 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 51309 MB offset 51199218
20:29:08.625 Disk 0 scanning sectors +156280320
20:29:08.703 Disk 0 scanning C:\WINDOWS\system32\drivers
20:29:20.671 Service scanning
20:29:31.390 Modules scanning
20:29:45.078 Disk 0 trace - called modules:
20:29:45.109 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
20:29:45.109 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x860c2ab8]
20:29:45.109 3 CLASSPNP.SYS[f7540fd7] -> nt!IofCallDriver -> \Device\00000086[0x861419e8]
20:29:45.109 5 ACPI.sys[f73b7620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-8[0x86152940]
20:29:45.109 Scan finished successfully
20:29:55.609 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Ja\Plocha\MBR.dat"
20:29:55.625 The log file has been saved successfully to "C:\Documents and Settings\Ja\Plocha\aswMBR.txt"

[Airm]

Počítač šlape lépe... dokonce se načítají obrázky ale při otevření internetové klikačky KingsAge je vše zpomalené .,.. předtím to nedělalo ale je možné že to je chyba na serveru.

[Žbeky]

Jednu stránku neovlivníme. Bude spíš chyba na ní. Pokud nejsou jiné problémy, můžeš dát vyřešeno