Once again it takes a week before it responds the way it should..... please check the log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:47:29, on 31.7.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\WINDOWS\System32\WLTRAY.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\Program Files\Citrix\ICA Client\redirector.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\System32\igfxsrvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Citrix\ICA Client\wfcrun32.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\Citrix\ICA Client\Receiver\Receiver.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\pechy\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pechy\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pechy\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pechy\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pechy\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pechy\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pechy\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pechy\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pechy\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Documents and Settings\pechy\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: CtxIEInterceptorBHO - {2C4631FF-5CC8-4EBC-A0DF-34C92291759E} - C:\Program Files\Citrix\ICA Client\IEInterceptor.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\System32\WLTRAY.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\redirector.exe" /startup
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\pechy\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\pechy\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Facebook Messenger.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4536978515
O16 - DPF: {9EF2BA47-C6A7-470D-9DD9-4323B0CB8353} (WebClient Control) - http://vrchoslav.araxon.cz/WebClient.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Citrix\ICACLI~1\RSHook.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
--
End of file - 12124 bytes
The laptop is once again not in great shape (Solved)
- jaro3
- member of the Security team
Re: The laptop is once again not in great shape
Uninstall:
Ask Toolbar
Close other applications and browsers, disconnect from the internet and fix in HJT:
Guide
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\pechy\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\pechy\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing browsing history from a web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.
Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform quick scan option selected and click the Scan button
- when the scan finishes, a message will appear; click OK and then the Show Results button
- then choose the option to save the log and save the log to the desktop
- then click the Exit button; a message will appear, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.
If there are problems, run it in safe mode.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: The laptop is once again not in great shape
Thanks for the reply...
Hopefully I did everything; unfortunately the laptop has now slowed down even more
.. so we'll see :-)
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.62.0.1300
www.malwarebytes.org
Verze databáze: v2012.07.31.12
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
pechy :: SITEL [administrátor]
Ochrana: Zakázána
1.8.2012 7:01:22
mbam-log-2012-08-01 (07-01-22).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 196289
Uplynulý čas: 11 minut, 23 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:30:42, on 1.8.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\WINDOWS\System32\WLTRAY.exe
C:\WINDOWS\System32\igfxsrvc.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\Program Files\Citrix\ICA Client\redirector.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Citrix\ICA Client\wfcrun32.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\Citrix\ICA Client\Receiver\Receiver.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\notepad.exe
C:\Documents and Settings\pechy\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pechy\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pechy\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pechy\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pechy\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: CtxIEInterceptorBHO - {2C4631FF-5CC8-4EBC-A0DF-34C92291759E} - C:\Program Files\Citrix\ICA Client\IEInterceptor.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\System32\WLTRAY.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\redirector.exe" /startup
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Facebook Messenger.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4536978515
O16 - DPF: {9EF2BA47-C6A7-470D-9DD9-4323B0CB8353} (WebClient Control) - http://vrchoslav.araxon.cz/WebClient.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Citrix\ICACLI~1\RSHook.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
--
End of file - 11226 bytes
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Facebook Messenger.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4536978515
O16 - DPF: {9EF2BA47-C6A7-470D-9DD9-4323B0CB8353} (WebClient Control) - http://vrchoslav.araxon.cz/WebClient.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Citrix\ICACLI~1\RSHook.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
--
End of file - 11226 bytes
- memphisto
Re: Notebook is once again not in great shape
Download CrystalDiskInfo and post its log here.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs by private message; post them in the appropriate section. Thank you
Re: Notebook is once again not in great shape
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows XP Professional SP3 [5.1 Build 2600] (x86)
Date : 2012/08/01 8:22:44
-- Controller Map ----------------------------------------------------------
-- Disk List ---------------------------------------------------------------
(1) Hitachi HTS541660J9SA00 : 60,0 GB [0/0/0, pd1]
----------------------------------------------------------------------------
(1) Hitachi HTS541660J9SA00
----------------------------------------------------------------------------
Model : Hitachi HTS541660J9SA00
Firmware : SBBOC7KP
Serial Number : SB2BDBSLGX2X9N
Disk Size : 60,0 GB (8,4/60,0/60,0)
Buffer Size : 7516 KB
Queue Depth : 32
# of Sectors : 117210240
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA/ATAPI-7 T13 1532D version 1
Transfer Mode : SATA/150
Power On Hours : 9312 hod.
Power On Count : 5045 krát
Temparature : 38 C (100 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : 8080h [ON]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Počet chyb čtení
02 100 100 __0 000000000961 Průchodnost disku
03 253 253 _33 000900000000 Čas na roztočení ploten
04 _97 _97 __0 0000000013EA Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 __0 000000000000 Počet chybných hledání
08 100 100 __0 000000000000 Čas potřebný na vyhledání
09 _79 _79 __0 000000002460 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _97 _97 __0 0000000013B5 Počet cyklů zapnutí zařízení
BF _98 _98 __0 000000000004 Počet udalostí zaznamenaných otřesovým senzorem
C0 _98 _98 __0 00000000023E Počet vypnutí disku
C1 _97 _97 __0 000000008246 Počet cyklů načítání/vymazání
C2 144 144 __0 0039FFFF0026 Teplota
C4 100 100 __0 000000000004 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 253 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony
E1 _97 _97 __0 000000008246 Počet cyklů načítání/vymazání
-- IDENTIFY_DEVICE ---------------------------------------------------------
- jaro3
Re: Notebook is once again not in great shape
Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt ; please paste the entire contents of the log here.
Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window it displays
- When the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here
If there are problems, run it in safe mode.
Warning: After applying ComboFix and restarting the computer, Windows may fail to boot, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Notebook is once again not in great shape
13:11:59.0421 3712 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
13:11:59.0640 3712 ============================================================
13:11:59.0640 3712 Current date / time: 2012/08/01 13:11:59.0640
13:11:59.0640 3712 SystemInfo:
13:11:59.0640 3712
13:11:59.0640 3712 OS Version: 5.1.2600 ServicePack: 3.0
13:11:59.0640 3712 Product type: Workstation
13:11:59.0640 3712 ComputerName: SITEL
13:11:59.0640 3712 UserName: pechy
13:11:59.0640 3712 Windows directory: C:\WINDOWS
13:11:59.0640 3712 System windows directory: C:\WINDOWS
13:11:59.0640 3712 Processor architecture: Intel x86
13:11:59.0640 3712 Number of processors: 2
13:11:59.0640 3712 Page size: 0x1000
13:11:59.0640 3712 Boot type: Normal boot
13:11:59.0640 3712 ============================================================
13:12:04.0312 3712 Drive \Device\Harddisk0\DR0 - Size: 0xDF8F90000 (55.89 Gb), SectorSize: 0x200, Cylinders: 0x1C80, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
13:12:04.0312 3712 ============================================================
13:12:04.0312 3712 \Device\Harddisk0\DR0:
13:12:04.0312 3712 MBR partitions:
13:12:04.0312 3712 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x6FC3D80
13:12:04.0312 3712 ============================================================
13:12:04.0484 3712 C: <-> \Device\Harddisk0\DR0\Partition0
13:12:04.0484 3712 ============================================================
13:12:04.0484 3712 Initialize success
13:12:04.0484 3712 ============================================================
13:12:07.0359 5712 ============================================================
13:12:07.0359 5712 Scan started
13:12:07.0359 5712 Mode: Manual;
13:12:07.0359 5712 ============================================================
13:12:08.0359 5712 Abiosdsk - ok
13:12:08.0375 5712 abp480n5 - ok
13:12:08.0437 5712 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
13:12:08.0453 5712 ACPI - ok
13:12:08.0484 5712 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
13:12:08.0500 5712 ACPIEC - ok
13:12:08.0593 5712 AdobeFlashPlayerUpdateSvc (6c40d5ed8951ab7b90d08af655224ee4) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:12:08.0609 5712 AdobeFlashPlayerUpdateSvc - ok
13:12:08.0609 5712 adpu160m - ok
13:12:08.0687 5712 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
13:12:08.0703 5712 aec - ok
13:12:08.0765 5712 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
13:12:08.0781 5712 AFD - ok
13:12:08.0781 5712 Aha154x - ok
13:12:08.0796 5712 aic78u2 - ok
13:12:08.0812 5712 aic78xx - ok
13:12:08.0859 5712 Alerter (e0a6fa244b8624d78fe5ff6f56a33bae) C:\WINDOWS\system32\alrsvc.dll
13:12:08.0859 5712 Alerter - ok
13:12:08.0906 5712 ALG (88842de939a827577bf24243699ac80a) C:\WINDOWS\System32\alg.exe
13:12:08.0906 5712 ALG - ok
13:12:08.0921 5712 AliIde - ok
13:12:08.0984 5712 AMON (51cfcacd2d980d5146e9849ad1370af5) C:\WINDOWS\system32\drivers\amon.sys
13:12:09.0000 5712 AMON - ok
13:12:09.0000 5712 amsint - ok
13:12:09.0046 5712 AppMgmt (6b8e7a90e576d4fe308f97c69060a171) C:\WINDOWS\System32\appmgmts.dll
13:12:09.0062 5712 AppMgmt - ok
13:12:09.0078 5712 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
13:12:09.0093 5712 Arp1394 - ok
13:12:09.0125 5712 asc - ok
13:12:09.0125 5712 asc3350p - ok
13:12:09.0140 5712 asc3550 - ok
13:12:09.0250 5712 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
13:12:09.0296 5712 aspnet_state - ok
13:12:09.0312 5712 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
13:12:09.0312 5712 AsyncMac - ok
13:12:09.0359 5712 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
13:12:09.0359 5712 atapi - ok
13:12:09.0359 5712 Atdisk - ok
13:12:09.0406 5712 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
13:12:09.0453 5712 Atmarpc - ok
13:12:09.0515 5712 AudioSrv (de31b88962a8645dba5a37b993e7b0f1) C:\WINDOWS\System32\audiosrv.dll
13:12:09.0515 5712 AudioSrv - ok
13:12:09.0578 5712 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
13:12:09.0578 5712 audstub - ok
13:12:09.0718 5712 BCM43XX (e9ea635b8432d68f0005b3f6cebab837) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
13:12:09.0750 5712 BCM43XX - ok
13:12:09.0796 5712 bcm4sbxp (cd4646067cc7dcba1907fa0acf7e3966) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
13:12:09.0796 5712 bcm4sbxp - ok
13:12:09.0875 5712 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
13:12:09.0875 5712 Beep - ok
13:12:09.0968 5712 BITS (19395d092fd85ddc2d9c7729cf5a2ac8) C:\WINDOWS\system32\qmgr.dll
13:12:10.0046 5712 BITS - ok
13:12:10.0156 5712 Bluetooth Hid Switch Service (b26e18adaa16e507166e3b61e79a1e25) C:\Program Files\BlueTooth\HidSwitchService\HidSw.exe
13:12:10.0171 5712 Bluetooth Hid Switch Service - ok
13:12:10.0234 5712 Browser (249276d3ef1e74b992299cb96099e4d7) C:\WINDOWS\System32\browser.dll
13:12:10.0250 5712 Browser - ok
13:12:10.0328 5712 btaudio (8893ae0b6b9b60e0521a60e8b2160216) C:\WINDOWS\system32\drivers\btaudio.sys
13:12:10.0343 5712 btaudio - ok
13:12:10.0375 5712 BTDriver (fde318e3569f57264af74b7e431f60ae) C:\WINDOWS\system32\DRIVERS\btport.sys
13:12:10.0406 5712 BTDriver - ok
13:12:10.0500 5712 BTKRNL (9c3c8b9e2eda516eb44b51dab81dbd68) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
13:12:10.0515 5712 BTKRNL - ok
13:12:10.0562 5712 BTSERIAL (089f7526ff41c17b0a43896d0553d5a2) C:\WINDOWS\System32\drivers\btserial.sys
13:12:10.0562 5712 BTSERIAL - ok
13:12:10.0687 5712 btwdins (3a462eba453d84d036046772104cfbcb) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
13:12:10.0703 5712 btwdins - ok
13:12:10.0718 5712 BTWDNDIS (28531ab3183f498e58d93d585e6a6b70) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
13:12:10.0734 5712 BTWDNDIS - ok
13:12:10.0765 5712 btwhid (c5c0e21c67089f053b964e0a8b8adbac) C:\WINDOWS\system32\DRIVERS\btwhid.sys
13:12:10.0765 5712 btwhid - ok
13:12:10.0781 5712 btwmodem (7d295223c172ab4d61dc256721b2f09e) C:\WINDOWS\system32\DRIVERS\btwmodem.sys
13:12:10.0781 5712 btwmodem - ok
13:12:10.0828 5712 BTWUSB (56c701580f2891952761362ba7594b3d) C:\WINDOWS\system32\Drivers\btwusb.sys
13:12:10.0828 5712 BTWUSB - ok
13:12:10.0859 5712 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
13:12:10.0859 5712 cbidf2k - ok
13:12:10.0890 5712 cd20xrnt - ok
13:12:10.0953 5712 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
13:12:10.0953 5712 Cdaudio - ok
13:12:11.0015 5712 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
13:12:11.0015 5712 Cdfs - ok
13:12:11.0109 5712 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
13:12:11.0125 5712 Cdrom - ok
13:12:11.0281 5712 Changer - ok
13:12:11.0453 5712 cisvc (e390dc1d7c461d7d56ec53402f329928) C:\WINDOWS\System32\cisvc.exe
13:12:11.0515 5712 cisvc - ok
13:12:11.0625 5712 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\WINDOWS\system32\clipsrv.exe
13:12:11.0734 5712 ClipSrv - ok
13:12:11.0890 5712 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:12:11.0937 5712 clr_optimization_v2.0.50727_32 - ok
13:12:11.0968 5712 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
13:12:11.0984 5712 CmBatt - ok
13:12:11.0984 5712 CmdIde - ok
13:12:12.0062 5712 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
13:12:12.0062 5712 Compbatt - ok
13:12:12.0062 5712 COMSysApp - ok
13:12:12.0078 5712 Cpqarray - ok
13:12:12.0156 5712 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\WINDOWS\System32\cryptsvc.dll
13:12:12.0171 5712 CryptSvc - ok
13:12:12.0218 5712 ctxusbm (4e08a98dba0b1249c2eb4b191978a9a4) C:\WINDOWS\system32\DRIVERS\ctxusbm.sys
13:12:12.0234 5712 ctxusbm - ok
13:12:12.0234 5712 dac2w2k - ok
13:12:12.0250 5712 dac960nt - ok
13:12:12.0328 5712 DcomLaunch (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
13:12:12.0343 5712 DcomLaunch - ok
13:12:12.0406 5712 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\WINDOWS\System32\dhcpcsvc.dll
13:12:12.0406 5712 Dhcp - ok
13:12:12.0421 5712 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
13:12:12.0421 5712 Disk - ok
13:12:12.0437 5712 dmadmin - ok
13:12:12.0515 5712 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
13:12:12.0546 5712 dmboot - ok
13:12:12.0562 5712 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
13:12:12.0578 5712 dmio - ok
13:12:12.0593 5712 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
13:12:12.0609 5712 dmload - ok
13:12:12.0625 5712 dmserver (2bfefe9e865655a76982f050450b9591) C:\WINDOWS\System32\dmserver.dll
13:12:12.0640 5712 dmserver - ok
13:12:12.0656 5712 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
13:12:12.0656 5712 DMusic - ok
13:12:12.0718 5712 Dnscache (dfaa406bf19f4ee806a6f8d4342137f7) C:\WINDOWS\System32\dnsrslvr.dll
13:12:12.0734 5712 Dnscache - ok
13:12:12.0796 5712 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\WINDOWS\System32\dot3svc.dll
13:12:12.0796 5712 Dot3svc - ok
13:12:12.0859 5712 dot4 (3e4b043f8bc6be1d4820cc6c9c500306) C:\WINDOWS\system32\DRIVERS\Dot4.sys
13:12:12.0859 5712 dot4 - ok
13:12:12.0890 5712 Dot4Print (77ce63a8a34ae23d9fe4c7896d1debe7) C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
13:12:12.0906 5712 Dot4Print - ok
13:12:12.0921 5712 dot4usb (ccc4092dfc85336f2e1c142483adeb42) C:\WINDOWS\system32\DRIVERS\dot4usb.sys
13:12:12.0953 5712 dot4usb - ok
13:12:12.0984 5712 dpti2o - ok
13:12:13.0046 5712 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
13:12:13.0046 5712 drmkaud - ok
13:12:13.0093 5712 dtsoftbus01 (687af6bb383885ff6a64071b189a7f3e) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
13:12:13.0109 5712 dtsoftbus01 - ok
13:12:13.0156 5712 eamon (9309c5c9831203436e64cf2ae605c5d7) C:\WINDOWS\system32\DRIVERS\eamon.sys
13:12:13.0171 5712 eamon - ok
13:12:13.0203 5712 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\WINDOWS\System32\eapsvc.dll
13:12:13.0203 5712 EapHost - ok
13:12:13.0250 5712 ehdrv (deff87f04ab5f6dd5edf2b80853bbe10) C:\WINDOWS\system32\DRIVERS\ehdrv.sys
13:12:13.0250 5712 ehdrv - ok
13:12:13.0281 5712 epfwtdir (06c65ac0a703cf8eea4f284d901a1550) C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
13:12:13.0281 5712 epfwtdir - ok
13:12:13.0343 5712 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\WINDOWS\System32\ersvc.dll
13:12:13.0343 5712 ERSvc - ok
13:12:13.0406 5712 Eventlog (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
13:12:13.0421 5712 Eventlog - ok
13:12:13.0515 5712 EventSystem (a371f11ef07653591c8de26afb13ce7f) C:\WINDOWS\System32\es.dll
13:12:13.0531 5712 EventSystem - ok
13:12:13.0828 5712 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
13:12:13.0843 5712 Fastfat - ok
13:12:13.0906 5712 FastUserSwitchingCompatibility (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
13:12:13.0921 5712 FastUserSwitchingCompatibility - ok
13:12:13.0984 5712 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
13:12:13.0984 5712 Fdc - ok
13:12:14.0046 5712 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
13:12:14.0046 5712 Fips - ok
13:12:14.0062 5712 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
13:12:14.0078 5712 Flpydisk - ok
13:12:14.0140 5712 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
13:12:14.0171 5712 FltMgr - ok
13:12:14.0328 5712 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
13:12:14.0343 5712 FontCache3.0.0.0 - ok
13:12:14.0390 5712 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:12:14.0390 5712 Fs_Rec - ok
13:12:14.0453 5712 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
13:12:14.0453 5712 Ftdisk - ok
13:12:14.0468 5712 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
13:12:14.0484 5712 Gpc - ok
13:12:14.0640 5712 gupdate (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files\Google\Update\GoogleUpdate.exe
13:12:14.0656 5712 gupdate - ok
13:12:14.0656 5712 gupdatem (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files\Google\Update\GoogleUpdate.exe
13:12:14.0671 5712 gupdatem - ok
13:12:14.0750 5712 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
13:12:14.0765 5712 gusvc - ok
13:12:14.0843 5712 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
13:12:14.0843 5712 HDAudBus - ok
13:12:14.0968 5712 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
13:12:14.0984 5712 helpsvc - ok
13:12:15.0031 5712 HidServ (00e25ee90166b3e1be6e74aebf858306) C:\WINDOWS\System32\hidserv.dll
13:12:15.0046 5712 HidServ - ok
13:12:15.0062 5712 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
13:12:15.0062 5712 hidusb - ok
13:12:15.0109 5712 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\WINDOWS\System32\kmsvc.dll
13:12:15.0125 5712 hkmsvc - ok
13:12:15.0125 5712 hpn - ok
13:12:15.0140 5712 hpt3xx - ok
13:12:15.0250 5712 HSF_DPV (e8ec1767ea315a39a0dd8989952ca0e9) C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys
13:12:15.0281 5712 HSF_DPV - ok
13:12:15.0328 5712 HSXHWAZL (61478fa42ee04562e7f11f4dca87e9c8) C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys
13:12:15.0328 5712 HSXHWAZL - ok
13:12:15.0406 5712 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
13:12:15.0406 5712 HTTP - ok
13:12:15.0437 5712 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
13:12:15.0468 5712 HTTPFilter - ok
13:12:15.0468 5712 i2omgmt - ok
13:12:15.0484 5712 i2omp - ok
13:12:15.0546 5712 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
13:12:15.0546 5712 i8042prt - ok
13:12:16.0015 5712 ialm (e8c7cc369c2fb657e0792af70df529e6) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
13:12:16.0390 5712 ialm - ok
13:12:16.0703 5712 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:12:16.0734 5712 idsvc - ok
13:12:16.0843 5712 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
13:12:16.0843 5712 Imapi - ok
13:12:16.0906 5712 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\System32\imapi.exe
13:12:16.0921 5712 ImapiService - ok
13:12:16.0937 5712 ini910u - ok
13:12:16.0968 5712 IntelIde - ok
13:12:17.0015 5712 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
13:12:17.0031 5712 intelppm - ok
13:12:17.0062 5712 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
13:12:17.0062 5712 ip6fw - ok
13:12:17.0093 5712 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:12:17.0093 5712 IpFilterDriver - ok
13:12:17.0125 5712 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
13:12:17.0125 5712 IpInIp - ok
13:12:17.0171 5712 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
13:12:17.0171 5712 IpNat - ok
13:12:17.0203 5712 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
13:12:17.0203 5712 IPSec - ok
13:12:17.0265 5712 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
13:12:17.0265 5712 irda - ok
13:12:17.0296 5712 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
13:12:17.0296 5712 IRENUM - ok
13:12:17.0328 5712 Irmon (8024ea8c5b2d2a4d201f418b0aadb804) C:\WINDOWS\System32\irmon.dll
13:12:17.0328 5712 Irmon - ok
13:12:17.0375 5712 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
13:12:17.0375 5712 isapnp - ok
13:12:17.0546 5712 JavaQuickStarterService (5472d771c0197355c1d347f20392b982) C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
13:12:17.0562 5712 JavaQuickStarterService - ok
13:12:17.0609 5712 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
13:12:17.0625 5712 Kbdclass - ok
13:12:17.0640 5712 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
13:12:17.0640 5712 kbdhid - ok
13:12:17.0671 5712 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
13:12:17.0687 5712 kmixer - ok
13:12:17.0718 5712 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
13:12:17.0734 5712 KSecDD - ok
13:12:17.0796 5712 lanmanserver (3428e8f86f8add36b42fb23542c7b3e4) C:\WINDOWS\System32\srvsvc.dll
13:12:17.0796 5712 lanmanserver - ok
13:12:17.0828 5712 lanmanworkstation (936c1d110232d23b621cb0196e4f80f0) C:\WINDOWS\System32\wkssvc.dll
13:12:17.0828 5712 lanmanworkstation - ok
13:12:17.0843 5712 lbrtfdc - ok
13:12:17.0906 5712 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
13:12:17.0906 5712 LmHosts - ok
13:12:17.0968 5712 MBAMProtector (6dfe7f2e8e8a337263aa5c92a215f161) C:\WINDOWS\system32\drivers\mbam.sys
13:12:17.0984 5712 MBAMProtector - ok
13:12:18.0078 5712 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
13:12:18.0109 5712 MBAMService - ok
13:12:18.0171 5712 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
13:12:18.0187 5712 MBAMSwissArmy - ok
13:12:18.0265 5712 mdmxsdk (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
13:12:18.0265 5712 mdmxsdk - ok
13:12:18.0296 5712 Messenger (221cd1c815b8a6b79389c3f5d1018de8) C:\WINDOWS\System32\msgsvc.dll
13:12:18.0312 5712 Messenger - ok
13:12:18.0343 5712 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
13:12:18.0343 5712 mnmdd - ok
13:12:18.0406 5712 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\System32\mnmsrvc.exe
13:12:18.0406 5712 mnmsrvc - ok
13:12:18.0453 5712 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
13:12:18.0468 5712 Modem - ok
13:12:18.0484 5712 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
13:12:18.0484 5712 Mouclass - ok
13:12:18.0531 5712 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
13:12:18.0531 5712 mouhid - ok
13:12:18.0562 5712 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
13:12:18.0578 5712 MountMgr - ok
13:12:18.0640 5712 MozillaMaintenance (166f0cbff55d16552161c154317287ca) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
13:12:18.0656 5712 MozillaMaintenance - ok
13:12:18.0656 5712 mraid35x - ok
13:12:18.0671 5712 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
13:12:18.0687 5712 MRxDAV - ok
13:12:18.0750 5712 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:12:18.0765 5712 MRxSmb - ok
13:12:18.0828 5712 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\System32\msdtc.exe
13:12:18.0828 5712 MSDTC - ok
13:12:18.0843 5712 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
13:12:18.0843 5712 Msfs - ok
13:12:18.0859 5712 MSIServer - ok
13:12:18.0921 5712 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:12:18.0921 5712 MSKSSRV - ok
13:12:18.0937 5712 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:12:18.0937 5712 MSPCLOCK - ok
13:12:18.0953 5712 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
13:12:18.0968 5712 MSPQM - ok
13:12:19.0015 5712 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
13:12:19.0031 5712 mssmbios - ok
13:12:19.0062 5712 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
13:12:19.0062 5712 Mup - ok
13:12:19.0109 5712 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
13:12:19.0125 5712 napagent - ok
13:12:19.0171 5712 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
13:12:19.0171 5712 NDIS - ok
13:12:19.0171 5712 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:12:19.0187 5712 NdisTapi - ok
13:12:19.0203 5712 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:12:19.0203 5712 Ndisuio - ok
13:12:19.0218 5712 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:12:19.0218 5712 NdisWan - ok
13:12:19.0281 5712 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
13:12:19.0281 5712 NDProxy - ok
13:12:19.0296 5712 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
13:12:19.0296 5712 NetBIOS - ok
13:12:19.0312 5712 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
13:12:19.0328 5712 NetBT - ok
13:12:19.0375 5712 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
13:12:19.0375 5712 NetDDE - ok
13:12:19.0390 5712 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
13:12:19.0390 5712 NetDDEdsdm - ok
13:12:19.0453 5712 Netlogon (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\System32\lsass.exe
13:12:19.0453 5712 Netlogon - ok
13:12:19.0500 5712 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
13:12:19.0515 5712 Netman - ok
13:12:19.0671 5712 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:12:19.0671 5712 NetTcpPortSharing - ok
13:12:19.0750 5712 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
13:12:19.0750 5712 NIC1394 - ok
13:12:19.0812 5712 Nla (39ee7c3bfbc64ba87cc8cf67386e814c) C:\WINDOWS\System32\mswsock.dll
13:12:19.0828 5712 Nla - ok
13:12:20.0046 5712 NOD32krn (510860e311243e84b0448ec1fbe2be80) C:\Program Files\Eset\nod32krn.exe
13:12:20.0062 5712 NOD32krn - ok
13:12:20.0093 5712 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
13:12:20.0093 5712 Npfs - ok
13:12:20.0140 5712 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
13:12:20.0156 5712 Ntfs - ok
13:12:20.0234 5712 NtLmSsp (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\System32\lsass.exe
13:12:20.0234 5712 NtLmSsp - ok
13:12:20.0328 5712 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
13:12:20.0343 5712 NtmsSvc - ok
13:12:20.0390 5712 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
13:12:20.0390 5712 Null - ok
13:12:20.0437 5712 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
13:12:20.0453 5712 NwlnkFlt - ok
13:12:20.0453 5712 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
13:12:20.0453 5712 NwlnkFwd - ok
13:12:20.0468 5712 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
13:12:20.0468 5712 ohci1394 - ok
13:12:20.0656 5712 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:12:20.0656 5712 ose - ok
13:12:20.0734 5712 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\drivers\Parport.sys
13:12:20.0750 5712 Parport - ok
13:12:20.0765 5712 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
13:12:20.0765 5712 PartMgr - ok
13:12:20.0796 5712 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
13:12:20.0812 5712 ParVdm - ok
13:12:20.0843 5712 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
13:12:20.0843 5712 PCI - ok
13:12:20.0843 5712 PCIDump - ok
13:12:20.0890 5712 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
13:12:20.0890 5712 PCIIde - ok
13:12:20.0921 5712 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
13:12:20.0921 5712 Pcmcia - ok
13:12:20.0937 5712 PDCOMP - ok
13:12:20.0937 5712 PDFRAME - ok
13:12:20.0953 5712 PDRELI - ok
13:12:20.0968 5712 PDRFRAME - ok
13:12:20.0968 5712 perc2 - ok
13:12:20.0984 5712 perc2hib - ok
13:12:21.0062 5712 PlugPlay (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
13:12:21.0062 5712 PlugPlay - ok
13:12:21.0078 5712 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\System32\lsass.exe
13:12:21.0078 5712 PolicyAgent - ok
13:12:21.0109 5712 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:12:21.0109 5712 PptpMiniport - ok
13:12:21.0125 5712 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
13:12:21.0140 5712 Processor - ok
13:12:21.0140 5712 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
13:12:21.0140 5712 ProtectedStorage - ok
13:12:21.0156 5712 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
13:12:21.0171 5712 PSched - ok
13:12:21.0234 5712 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:12:21.0234 5712 Ptilink - ok
13:12:21.0234 5712 ql1080 - ok
13:12:21.0250 5712 Ql10wnt - ok
13:12:21.0250 5712 ql12160 - ok
13:12:21.0265 5712 ql1240 - ok
13:12:21.0281 5712 ql1280 - ok
13:12:21.0296 5712 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:12:21.0296 5712 RasAcd - ok
13:12:21.0359 5712 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
13:12:21.0359 5712 RasAuto - ok
13:12:21.0390 5712 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
13:12:21.0390 5712 Rasirda - ok
13:12:21.0421 5712 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:12:21.0437 5712 Rasl2tp - ok
13:12:21.0515 5712 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
13:12:21.0531 5712 RasMan - ok
13:12:21.0531 5712 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:12:21.0546 5712 RasPppoe - ok
13:12:21.0546 5712 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
13:12:21.0546 5712 Raspti - ok
13:12:21.0609 5712 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:12:21.0625 5712 Rdbss - ok
13:12:21.0625 5712 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:12:21.0640 5712 RDPCDD - ok
13:12:21.0671 5712 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
13:12:21.0671 5712 rdpdr - ok
13:12:21.0734 5712 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
13:12:21.0734 5712 RDPWD - ok
13:12:21.0781 5712 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
13:12:21.0796 5712 RDSessMgr - ok
13:12:21.0828 5712 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
13:12:21.0843 5712 redbook - ok
13:12:21.0890 5712 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
13:12:21.0890 5712 RemoteAccess - ok
13:12:21.0968 5712 RemoteRegistry (8f31505484a190d5b22274708799f4ec) C:\WINDOWS\system32\regsvc.dll
13:12:21.0984 5712 RemoteRegistry - ok
13:12:22.0046 5712 rimmptsk (d85e3fa9f5b1f29bb4ed185c450d1470) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
13:12:22.0046 5712 rimmptsk - ok
13:12:22.0062 5712 rimsptsk (db8eb01c58c9fada00c70b1775278ae0) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
13:12:22.0062 5712 rimsptsk - ok
13:12:22.0078 5712 rismxdp (6c1f93c0760c9f79a1869d07233df39d) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
13:12:22.0078 5712 rismxdp - ok
13:12:22.0093 5712 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\WINDOWS\System32\locator.exe
13:12:22.0093 5712 RpcLocator - ok
13:12:22.0187 5712 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
13:12:22.0203 5712 RpcSs - ok
13:12:22.0234 5712 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\System32\rsvp.exe
13:12:22.0250 5712 RSVP - ok
13:12:22.0281 5712 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
13:12:22.0296 5712 SamSs - ok
13:12:22.0359 5712 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
13:12:22.0359 5712 SCardSvr - ok
13:12:22.0406 5712 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
13:12:22.0421 5712 Schedule - ok
13:12:22.0437 5712 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
13:12:22.0453 5712 sdbus - ok
13:12:22.0500 5712 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
13:12:22.0500 5712 Secdrv - ok
13:12:22.0578 5712 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
13:12:22.0578 5712 seclogon - ok
13:12:22.0609 5712 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
13:12:22.0609 5712 SENS - ok
13:12:23.0031 5712 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\drivers\Serial.sys
13:12:23.0062 5712 Serial - ok
13:12:23.0109 5712 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
13:12:23.0140 5712 sffdisk - ok
13:12:23.0156 5712 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
13:12:23.0156 5712 sffp_sd - ok
13:12:23.0218 5712 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
13:12:23.0234 5712 Sfloppy - ok
13:12:23.0312 5712 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
13:12:23.0312 5712 SharedAccess - ok
13:12:23.0375 5712 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
13:12:23.0375 5712 ShellHWDetection - ok
13:12:23.0390 5712 Simbad - ok
13:12:23.0531 5712 SkypeUpdate (f07af60b152221472fbdb2fecec4896d) C:\Program Files\Skype\Updater\Updater.exe
13:12:23.0578 5712 SkypeUpdate - ok
13:12:23.0625 5712 Sparrow - ok
13:12:23.0656 5712 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
13:12:23.0671 5712 splitter - ok
13:12:23.0718 5712 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
13:12:23.0734 5712 Spooler - ok
13:12:23.0796 5712 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
13:12:23.0812 5712 sr - ok
13:12:23.0890 5712 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\System32\srsvc.dll
13:12:23.0890 5712 srservice - ok
13:12:23.0984 5712 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
13:12:24.0000 5712 Srv - ok
13:12:24.0015 5712 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
13:12:24.0031 5712 SSDPSRV - ok
13:12:24.0171 5712 STHDA (951801dfb54d86f611f0af47825476f9) C:\WINDOWS\system32\drivers\sthda.sys
13:12:24.0203 5712 STHDA - ok
13:12:24.0250 5712 StillCam (06cda2a5a549bc455d004461e6bc5b33) C:\WINDOWS\system32\DRIVERS\serscan.sys
13:12:24.0265 5712 StillCam - ok
13:12:24.0312 5712 STIrUsb (a1a16662c6b1a665d965d61b9eecc5a7) C:\WINDOWS\system32\DRIVERS\irstusb.sys
13:12:24.0312 5712 STIrUsb - ok
13:12:24.0406 5712 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
13:12:24.0437 5712 stisvc - ok
13:12:24.0484 5712 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
13:12:24.0484 5712 swenum - ok
13:12:24.0546 5712 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
13:12:24.0546 5712 swmidi - ok
13:12:24.0562 5712 SwPrv - ok
13:12:24.0578 5712 symc810 - ok
13:12:24.0578 5712 symc8xx - ok
13:12:24.0593 5712 sym_hi - ok
13:12:24.0593 5712 sym_u3 - ok
13:12:24.0656 5712 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
13:12:24.0656 5712 sysaudio - ok
13:12:24.0718 5712 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
13:12:24.0734 5712 SysmonLog - ok
13:12:24.0781 5712 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
13:12:24.0796 5712 TapiSrv - ok
13:12:24.0875 5712 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:12:24.0890 5712 Tcpip - ok
13:12:24.0937 5712 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
13:12:24.0968 5712 TDPIPE - ok
13:12:25.0000 5712 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
13:12:25.0000 5712 TDTCP - ok
13:12:25.0046 5712 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
13:12:25.0046 5712 TermDD - ok
13:12:25.0078 5712 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
13:12:25.0093 5712 TermService - ok
13:12:25.0156 5712 Themes (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
13:12:25.0171 5712 Themes - ok
13:12:25.0218 5712 TlntSvr (cd0cc7b167d78043a41c98d4921efb54) C:\WINDOWS\System32\tlntsvr.exe
13:12:25.0234 5712 TlntSvr - ok
13:12:25.0234 5712 TosIde - ok
13:12:25.0312 5712 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
13:12:25.0312 5712 TrkWks - ok
13:12:25.0375 5712 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
13:12:25.0375 5712 Udfs - ok
13:12:25.0406 5712 UIUSys - ok
13:12:25.0421 5712 ultra - ok
13:12:25.0515 5712 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
13:12:25.0562 5712 Update - ok
13:12:25.0718 5712 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
13:12:25.0734 5712 upnphost - ok
13:12:25.0750 5712 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
13:12:25.0765 5712 UPS - ok
13:12:25.0796 5712 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:12:25.0796 5712 usbehci - ok
13:12:25.0859 5712 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:12:25.0875 5712 usbhub - ok
13:12:25.0906 5712 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:12:25.0921 5712 usbscan - ok
13:12:25.0953 5712 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:12:25.0953 5712 USBSTOR - ok
13:12:25.0968 5712 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
13:12:25.0968 5712 usbuhci - ok
13:12:26.0031 5712 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys
13:12:26.0031 5712 usb_rndisx - ok
13:12:26.0031 5712 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
13:12:26.0046 5712 VgaSave - ok
13:12:26.0046 5712 ViaIde - ok
13:12:26.0062 5712 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
13:12:26.0078 5712 VolSnap - ok
13:12:26.0140 5712 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
13:12:26.0156 5712 VSS - ok
13:12:26.0203 5712 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\System32\w32time.dll
13:12:26.0218 5712 W32Time - ok
13:12:26.0250 5712 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:12:26.0250 5712 Wanarp - ok
13:12:26.0296 5712 wceusbsh (46a247f6617526afe38b6f12f5512120) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
13:12:26.0296 5712 wceusbsh - ok
13:12:26.0312 5712 WDICA - ok
13:12:26.0359 5712 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
13:12:26.0375 5712 wdmaud - ok
13:12:26.0390 5712 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
13:12:26.0406 5712 WebClient - ok
13:12:26.0515 5712 winachsf (ba6b6fb242a6ba4068c8b763063beb63) C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
13:12:26.0531 5712 winachsf - ok
13:12:26.0656 5712 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
13:12:26.0671 5712 winmgmt - ok
13:12:26.0734 5712 wltrysvc - ok
13:12:26.0781 5712 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
13:12:26.0796 5712 WmdmPmSN - ok
13:12:26.0875 5712 Wmi (0171cff34bba8c5977f18c48d8aef8c6) C:\WINDOWS\System32\advapi32.dll
13:12:26.0906 5712 Wmi - ok
13:12:26.0984 5712 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
13:12:26.0984 5712 WmiAcpi - ok
13:12:27.0062 5712 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\System32\wbem\wmiapsrv.exe
13:12:27.0062 5712 WmiApSrv - ok
13:12:27.0281 5712 WMPNetworkSvc (3739866d20abd42f26a7b85f9e2560af) C:\Program Files\Windows Media Player\WMPNetwk.exe
13:12:27.0312 5712 WMPNetworkSvc - ok
13:12:27.0359 5712 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
13:12:27.0359 5712 WpdUsb - ok
13:12:27.0390 5712 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
13:12:27.0406 5712 WS2IFSL - ok
13:12:27.0468 5712 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
13:12:27.0484 5712 wscsvc - ok
13:12:27.0484 5712 WSearch - ok
13:12:27.0546 5712 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
13:12:27.0546 5712 wuauserv - ok
13:12:27.0609 5712 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
13:12:27.0625 5712 WudfPf - ok
13:12:27.0640 5712 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
13:12:27.0640 5712 WudfRd - ok
13:12:27.0656 5712 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
13:12:27.0656 5712 WudfSvc - ok
13:12:27.0750 5712 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
13:12:27.0796 5712 WZCSVC - ok
13:12:27.0828 5712 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
13:12:27.0828 5712 xmlprov - ok
13:12:27.0875 5712 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
13:12:28.0515 5712 \Device\Harddisk0\DR0 - ok
13:12:28.0515 5712 Boot (0x1200) (6e8215355906f16380dd1b81525f5b51) \Device\Harddisk0\DR0\Partition0
13:12:28.0515 5712 \Device\Harddisk0\DR0\Partition0 - ok
13:12:28.0515 5712 ============================================================
13:12:28.0515 5712 Scan finished
13:12:28.0515 5712 ============================================================
13:12:28.0531 5700 Detected object count: 0
13:12:28.0531 5700 Actual detected object count: 0
13:12:36.0328 2656 Deinitialize success
13:12:11.0515 5712 cisvc - ok
13:12:11.0625 5712 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\WINDOWS\system32\clipsrv.exe
13:12:11.0734 5712 ClipSrv - ok
13:12:11.0890 5712 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:12:11.0937 5712 clr_optimization_v2.0.50727_32 - ok
13:12:11.0968 5712 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
13:12:11.0984 5712 CmBatt - ok
13:12:11.0984 5712 CmdIde - ok
13:12:12.0062 5712 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
13:12:12.0062 5712 Compbatt - ok
13:12:12.0062 5712 COMSysApp - ok
13:12:12.0078 5712 Cpqarray - ok
13:12:12.0156 5712 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\WINDOWS\System32\cryptsvc.dll
13:12:12.0171 5712 CryptSvc - ok
13:12:12.0218 5712 ctxusbm (4e08a98dba0b1249c2eb4b191978a9a4) C:\WINDOWS\system32\DRIVERS\ctxusbm.sys
13:12:12.0234 5712 ctxusbm - ok
13:12:12.0234 5712 dac2w2k - ok
13:12:12.0250 5712 dac960nt - ok
13:12:12.0328 5712 DcomLaunch (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
13:12:12.0343 5712 DcomLaunch - ok
13:12:12.0406 5712 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\WINDOWS\System32\dhcpcsvc.dll
13:12:12.0406 5712 Dhcp - ok
13:12:12.0421 5712 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
13:12:12.0421 5712 Disk - ok
13:12:12.0437 5712 dmadmin - ok
13:12:12.0515 5712 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
13:12:12.0546 5712 dmboot - ok
13:12:12.0562 5712 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
13:12:12.0578 5712 dmio - ok
13:12:12.0593 5712 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
13:12:12.0609 5712 dmload - ok
13:12:12.0625 5712 dmserver (2bfefe9e865655a76982f050450b9591) C:\WINDOWS\System32\dmserver.dll
13:12:12.0640 5712 dmserver - ok
13:12:12.0656 5712 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
13:12:12.0656 5712 DMusic - ok
13:12:12.0718 5712 Dnscache (dfaa406bf19f4ee806a6f8d4342137f7) C:\WINDOWS\System32\dnsrslvr.dll
13:12:12.0734 5712 Dnscache - ok
13:12:12.0796 5712 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\WINDOWS\System32\dot3svc.dll
13:12:12.0796 5712 Dot3svc - ok
13:12:12.0859 5712 dot4 (3e4b043f8bc6be1d4820cc6c9c500306) C:\WINDOWS\system32\DRIVERS\Dot4.sys
13:12:12.0859 5712 dot4 - ok
13:12:12.0890 5712 Dot4Print (77ce63a8a34ae23d9fe4c7896d1debe7) C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
13:12:12.0906 5712 Dot4Print - ok
13:12:12.0921 5712 dot4usb (ccc4092dfc85336f2e1c142483adeb42) C:\WINDOWS\system32\DRIVERS\dot4usb.sys
13:12:12.0953 5712 dot4usb - ok
13:12:12.0984 5712 dpti2o - ok
13:12:13.0046 5712 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
13:12:13.0046 5712 drmkaud - ok
13:12:13.0093 5712 dtsoftbus01 (687af6bb383885ff6a64071b189a7f3e) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
13:12:13.0109 5712 dtsoftbus01 - ok
13:12:13.0156 5712 eamon (9309c5c9831203436e64cf2ae605c5d7) C:\WINDOWS\system32\DRIVERS\eamon.sys
13:12:13.0171 5712 eamon - ok
13:12:13.0203 5712 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\WINDOWS\System32\eapsvc.dll
13:12:13.0203 5712 EapHost - ok
13:12:13.0250 5712 ehdrv (deff87f04ab5f6dd5edf2b80853bbe10) C:\WINDOWS\system32\DRIVERS\ehdrv.sys
13:12:13.0250 5712 ehdrv - ok
13:12:13.0281 5712 epfwtdir (06c65ac0a703cf8eea4f284d901a1550) C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
13:12:13.0281 5712 epfwtdir - ok
13:12:13.0343 5712 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\WINDOWS\System32\ersvc.dll
13:12:13.0343 5712 ERSvc - ok
13:12:13.0406 5712 Eventlog (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
13:12:13.0421 5712 Eventlog - ok
13:12:13.0515 5712 EventSystem (a371f11ef07653591c8de26afb13ce7f) C:\WINDOWS\System32\es.dll
13:12:13.0531 5712 EventSystem - ok
13:12:13.0828 5712 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
13:12:13.0843 5712 Fastfat - ok
13:12:13.0906 5712 FastUserSwitchingCompatibility (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
13:12:13.0921 5712 FastUserSwitchingCompatibility - ok
13:12:13.0984 5712 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
13:12:13.0984 5712 Fdc - ok
13:12:14.0046 5712 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
13:12:14.0046 5712 Fips - ok
13:12:14.0062 5712 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
13:12:14.0078 5712 Flpydisk - ok
13:12:14.0140 5712 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
13:12:14.0171 5712 FltMgr - ok
13:12:14.0328 5712 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
13:12:14.0343 5712 FontCache3.0.0.0 - ok
13:12:14.0390 5712 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:12:14.0390 5712 Fs_Rec - ok
13:12:14.0453 5712 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
13:12:14.0453 5712 Ftdisk - ok
13:12:14.0468 5712 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
13:12:14.0484 5712 Gpc - ok
13:12:14.0640 5712 gupdate (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files\Google\Update\GoogleUpdate.exe
13:12:14.0656 5712 gupdate - ok
13:12:14.0656 5712 gupdatem (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files\Google\Update\GoogleUpdate.exe
13:12:14.0671 5712 gupdatem - ok
13:12:14.0750 5712 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
13:12:14.0765 5712 gusvc - ok
13:12:14.0843 5712 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
13:12:14.0843 5712 HDAudBus - ok
13:12:14.0968 5712 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
13:12:14.0984 5712 helpsvc - ok
13:12:15.0031 5712 HidServ (00e25ee90166b3e1be6e74aebf858306) C:\WINDOWS\System32\hidserv.dll
13:12:15.0046 5712 HidServ - ok
13:12:15.0062 5712 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
13:12:15.0062 5712 hidusb - ok
13:12:15.0109 5712 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\WINDOWS\System32\kmsvc.dll
13:12:15.0125 5712 hkmsvc - ok
13:12:15.0125 5712 hpn - ok
13:12:15.0140 5712 hpt3xx - ok
13:12:15.0250 5712 HSF_DPV (e8ec1767ea315a39a0dd8989952ca0e9) C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys
13:12:15.0281 5712 HSF_DPV - ok
13:12:15.0328 5712 HSXHWAZL (61478fa42ee04562e7f11f4dca87e9c8) C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys
13:12:15.0328 5712 HSXHWAZL - ok
13:12:15.0406 5712 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
13:12:15.0406 5712 HTTP - ok
13:12:15.0437 5712 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
13:12:15.0468 5712 HTTPFilter - ok
13:12:15.0468 5712 i2omgmt - ok
13:12:15.0484 5712 i2omp - ok
13:12:15.0546 5712 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
13:12:15.0546 5712 i8042prt - ok
13:12:16.0015 5712 ialm (e8c7cc369c2fb657e0792af70df529e6) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
13:12:16.0390 5712 ialm - ok
13:12:16.0703 5712 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:12:16.0734 5712 idsvc - ok
13:12:16.0843 5712 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
13:12:16.0843 5712 Imapi - ok
13:12:16.0906 5712 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\System32\imapi.exe
13:12:16.0921 5712 ImapiService - ok
13:12:16.0937 5712 ini910u - ok
13:12:16.0968 5712 IntelIde - ok
13:12:17.0015 5712 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
13:12:17.0031 5712 intelppm - ok
13:12:17.0062 5712 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
13:12:17.0062 5712 ip6fw - ok
13:12:17.0093 5712 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:12:17.0093 5712 IpFilterDriver - ok
13:12:17.0125 5712 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
13:12:17.0125 5712 IpInIp - ok
13:12:17.0171 5712 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
13:12:17.0171 5712 IpNat - ok
13:12:17.0203 5712 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
13:12:17.0203 5712 IPSec - ok
13:12:17.0265 5712 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
13:12:17.0265 5712 irda - ok
13:12:17.0296 5712 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
13:12:17.0296 5712 IRENUM - ok
13:12:17.0328 5712 Irmon (8024ea8c5b2d2a4d201f418b0aadb804) C:\WINDOWS\System32\irmon.dll
13:12:17.0328 5712 Irmon - ok
13:12:17.0375 5712 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
13:12:17.0375 5712 isapnp - ok
13:12:17.0546 5712 JavaQuickStarterService (5472d771c0197355c1d347f20392b982) C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
13:12:17.0562 5712 JavaQuickStarterService - ok
13:12:17.0609 5712 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
13:12:17.0625 5712 Kbdclass - ok
13:12:17.0640 5712 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
13:12:17.0640 5712 kbdhid - ok
13:12:17.0671 5712 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
13:12:17.0687 5712 kmixer - ok
13:12:17.0718 5712 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
13:12:17.0734 5712 KSecDD - ok
13:12:17.0796 5712 lanmanserver (3428e8f86f8add36b42fb23542c7b3e4) C:\WINDOWS\System32\srvsvc.dll
13:12:17.0796 5712 lanmanserver - ok
13:12:17.0828 5712 lanmanworkstation (936c1d110232d23b621cb0196e4f80f0) C:\WINDOWS\System32\wkssvc.dll
13:12:17.0828 5712 lanmanworkstation - ok
13:12:17.0843 5712 lbrtfdc - ok
13:12:17.0906 5712 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
13:12:17.0906 5712 LmHosts - ok
13:12:17.0968 5712 MBAMProtector (6dfe7f2e8e8a337263aa5c92a215f161) C:\WINDOWS\system32\drivers\mbam.sys
13:12:17.0984 5712 MBAMProtector - ok
13:12:18.0078 5712 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
13:12:18.0109 5712 MBAMService - ok
13:12:18.0171 5712 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
13:12:18.0187 5712 MBAMSwissArmy - ok
13:12:18.0265 5712 mdmxsdk (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
13:12:18.0265 5712 mdmxsdk - ok
13:12:18.0296 5712 Messenger (221cd1c815b8a6b79389c3f5d1018de8) C:\WINDOWS\System32\msgsvc.dll
13:12:18.0312 5712 Messenger - ok
13:12:18.0343 5712 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
13:12:18.0343 5712 mnmdd - ok
13:12:18.0406 5712 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\System32\mnmsrvc.exe
13:12:18.0406 5712 mnmsrvc - ok
13:12:18.0453 5712 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
13:12:18.0468 5712 Modem - ok
13:12:18.0484 5712 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
13:12:18.0484 5712 Mouclass - ok
13:12:18.0531 5712 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
13:12:18.0531 5712 mouhid - ok
13:12:18.0562 5712 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
13:12:18.0578 5712 MountMgr - ok
13:12:18.0640 5712 MozillaMaintenance (166f0cbff55d16552161c154317287ca) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
13:12:18.0656 5712 MozillaMaintenance - ok
13:12:18.0656 5712 mraid35x - ok
13:12:18.0671 5712 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
13:12:18.0687 5712 MRxDAV - ok
13:12:18.0750 5712 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:12:18.0765 5712 MRxSmb - ok
13:12:18.0828 5712 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\System32\msdtc.exe
13:12:18.0828 5712 MSDTC - ok
13:12:18.0843 5712 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
13:12:18.0843 5712 Msfs - ok
13:12:18.0859 5712 MSIServer - ok
13:12:18.0921 5712 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:12:18.0921 5712 MSKSSRV - ok
13:12:18.0937 5712 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:12:18.0937 5712 MSPCLOCK - ok
13:12:18.0953 5712 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
13:12:18.0968 5712 MSPQM - ok
13:12:19.0015 5712 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
13:12:19.0031 5712 mssmbios - ok
13:12:19.0062 5712 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
13:12:19.0062 5712 Mup - ok
13:12:19.0109 5712 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
13:12:19.0125 5712 napagent - ok
13:12:19.0171 5712 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
13:12:19.0171 5712 NDIS - ok
13:12:19.0171 5712 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:12:19.0187 5712 NdisTapi - ok
13:12:19.0203 5712 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:12:19.0203 5712 Ndisuio - ok
13:12:19.0218 5712 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:12:19.0218 5712 NdisWan - ok
13:12:19.0281 5712 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
13:12:19.0281 5712 NDProxy - ok
13:12:19.0296 5712 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
13:12:19.0296 5712 NetBIOS - ok
13:12:19.0312 5712 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
13:12:19.0328 5712 NetBT - ok
13:12:19.0375 5712 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
13:12:19.0375 5712 NetDDE - ok
13:12:19.0390 5712 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
13:12:19.0390 5712 NetDDEdsdm - ok
13:12:19.0453 5712 Netlogon (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\System32\lsass.exe
13:12:19.0453 5712 Netlogon - ok
13:12:19.0500 5712 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
13:12:19.0515 5712 Netman - ok
13:12:19.0671 5712 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:12:19.0671 5712 NetTcpPortSharing - ok
13:12:19.0750 5712 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
13:12:19.0750 5712 NIC1394 - ok
13:12:19.0812 5712 Nla (39ee7c3bfbc64ba87cc8cf67386e814c) C:\WINDOWS\System32\mswsock.dll
13:12:19.0828 5712 Nla - ok
13:12:20.0046 5712 NOD32krn (510860e311243e84b0448ec1fbe2be80) C:\Program Files\Eset\nod32krn.exe
13:12:20.0062 5712 NOD32krn - ok
13:12:20.0093 5712 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
13:12:20.0093 5712 Npfs - ok
13:12:20.0140 5712 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
13:12:20.0156 5712 Ntfs - ok
13:12:20.0234 5712 NtLmSsp (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\System32\lsass.exe
13:12:20.0234 5712 NtLmSsp - ok
13:12:20.0328 5712 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
13:12:20.0343 5712 NtmsSvc - ok
13:12:20.0390 5712 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
13:12:20.0390 5712 Null - ok
13:12:20.0437 5712 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
13:12:20.0453 5712 NwlnkFlt - ok
13:12:20.0453 5712 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
13:12:20.0453 5712 NwlnkFwd - ok
13:12:20.0468 5712 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
13:12:20.0468 5712 ohci1394 - ok
13:12:20.0656 5712 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:12:20.0656 5712 ose - ok
13:12:20.0734 5712 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\drivers\Parport.sys
13:12:20.0750 5712 Parport - ok
13:12:20.0765 5712 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
13:12:20.0765 5712 PartMgr - ok
13:12:20.0796 5712 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
13:12:20.0812 5712 ParVdm - ok
13:12:20.0843 5712 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
13:12:20.0843 5712 PCI - ok
13:12:20.0843 5712 PCIDump - ok
13:12:20.0890 5712 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
13:12:20.0890 5712 PCIIde - ok
13:12:20.0921 5712 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
13:12:20.0921 5712 Pcmcia - ok
13:12:20.0937 5712 PDCOMP - ok
13:12:20.0937 5712 PDFRAME - ok
13:12:20.0953 5712 PDRELI - ok
13:12:20.0968 5712 PDRFRAME - ok
13:12:20.0968 5712 perc2 - ok
13:12:20.0984 5712 perc2hib - ok
13:12:21.0062 5712 PlugPlay (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
13:12:21.0062 5712 PlugPlay - ok
13:12:21.0078 5712 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\System32\lsass.exe
13:12:21.0078 5712 PolicyAgent - ok
13:12:21.0109 5712 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:12:21.0109 5712 PptpMiniport - ok
13:12:21.0125 5712 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
13:12:21.0140 5712 Processor - ok
13:12:21.0140 5712 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
13:12:21.0140 5712 ProtectedStorage - ok
13:12:21.0156 5712 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
13:12:21.0171 5712 PSched - ok
13:12:21.0234 5712 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:12:21.0234 5712 Ptilink - ok
13:12:21.0234 5712 ql1080 - ok
13:12:21.0250 5712 Ql10wnt - ok
13:12:21.0250 5712 ql12160 - ok
13:12:21.0265 5712 ql1240 - ok
13:12:21.0281 5712 ql1280 - ok
13:12:21.0296 5712 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:12:21.0296 5712 RasAcd - ok
13:12:21.0359 5712 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
13:12:21.0359 5712 RasAuto - ok
13:12:21.0390 5712 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
13:12:21.0390 5712 Rasirda - ok
13:12:21.0421 5712 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:12:21.0437 5712 Rasl2tp - ok
13:12:21.0515 5712 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
13:12:21.0531 5712 RasMan - ok
13:12:21.0531 5712 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:12:21.0546 5712 RasPppoe - ok
13:12:21.0546 5712 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
13:12:21.0546 5712 Raspti - ok
13:12:21.0609 5712 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:12:21.0625 5712 Rdbss - ok
13:12:21.0625 5712 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:12:21.0640 5712 RDPCDD - ok
13:12:21.0671 5712 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
13:12:21.0671 5712 rdpdr - ok
13:12:21.0734 5712 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
13:12:21.0734 5712 RDPWD - ok
13:12:21.0781 5712 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
13:12:21.0796 5712 RDSessMgr - ok
13:12:21.0828 5712 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
13:12:21.0843 5712 redbook - ok
13:12:21.0890 5712 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
13:12:21.0890 5712 RemoteAccess - ok
13:12:21.0968 5712 RemoteRegistry (8f31505484a190d5b22274708799f4ec) C:\WINDOWS\system32\regsvc.dll
13:12:21.0984 5712 RemoteRegistry - ok
13:12:22.0046 5712 rimmptsk (d85e3fa9f5b1f29bb4ed185c450d1470) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
13:12:22.0046 5712 rimmptsk - ok
13:12:22.0062 5712 rimsptsk (db8eb01c58c9fada00c70b1775278ae0) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
13:12:22.0062 5712 rimsptsk - ok
13:12:22.0078 5712 rismxdp (6c1f93c0760c9f79a1869d07233df39d) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
13:12:22.0078 5712 rismxdp - ok
13:12:22.0093 5712 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\WINDOWS\System32\locator.exe
13:12:22.0093 5712 RpcLocator - ok
13:12:22.0187 5712 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
13:12:22.0203 5712 RpcSs - ok
13:12:22.0234 5712 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\System32\rsvp.exe
13:12:22.0250 5712 RSVP - ok
13:12:22.0281 5712 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
13:12:22.0296 5712 SamSs - ok
13:12:22.0359 5712 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
13:12:22.0359 5712 SCardSvr - ok
13:12:22.0406 5712 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
13:12:22.0421 5712 Schedule - ok
13:12:22.0437 5712 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
13:12:22.0453 5712 sdbus - ok
13:12:22.0500 5712 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
13:12:22.0500 5712 Secdrv - ok
13:12:22.0578 5712 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
13:12:22.0578 5712 seclogon - ok
13:12:22.0609 5712 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
13:12:22.0609 5712 SENS - ok
13:12:23.0031 5712 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\drivers\Serial.sys
13:12:23.0062 5712 Serial - ok
13:12:23.0109 5712 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
13:12:23.0140 5712 sffdisk - ok
13:12:23.0156 5712 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
13:12:23.0156 5712 sffp_sd - ok
13:12:23.0218 5712 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
13:12:23.0234 5712 Sfloppy - ok
13:12:23.0312 5712 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
13:12:23.0312 5712 SharedAccess - ok
13:12:23.0375 5712 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
13:12:23.0375 5712 ShellHWDetection - ok
13:12:23.0390 5712 Simbad - ok
13:12:23.0531 5712 SkypeUpdate (f07af60b152221472fbdb2fecec4896d) C:\Program Files\Skype\Updater\Updater.exe
13:12:23.0578 5712 SkypeUpdate - ok
13:12:23.0625 5712 Sparrow - ok
13:12:23.0656 5712 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
13:12:23.0671 5712 splitter - ok
13:12:23.0718 5712 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
13:12:23.0734 5712 Spooler - ok
13:12:23.0796 5712 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
13:12:23.0812 5712 sr - ok
13:12:23.0890 5712 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\System32\srsvc.dll
13:12:23.0890 5712 srservice - ok
13:12:23.0984 5712 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
13:12:24.0000 5712 Srv - ok
13:12:24.0015 5712 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
13:12:24.0031 5712 SSDPSRV - ok
13:12:24.0171 5712 STHDA (951801dfb54d86f611f0af47825476f9) C:\WINDOWS\system32\drivers\sthda.sys
13:12:24.0203 5712 STHDA - ok
13:12:24.0250 5712 StillCam (06cda2a5a549bc455d004461e6bc5b33) C:\WINDOWS\system32\DRIVERS\serscan.sys
13:12:24.0265 5712 StillCam - ok
13:12:24.0312 5712 STIrUsb (a1a16662c6b1a665d965d61b9eecc5a7) C:\WINDOWS\system32\DRIVERS\irstusb.sys
13:12:24.0312 5712 STIrUsb - ok
13:12:24.0406 5712 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
13:12:24.0437 5712 stisvc - ok
13:12:24.0484 5712 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
13:12:24.0484 5712 swenum - ok
13:12:24.0546 5712 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
13:12:24.0546 5712 swmidi - ok
13:12:24.0562 5712 SwPrv - ok
13:12:24.0578 5712 symc810 - ok
13:12:24.0578 5712 symc8xx - ok
13:12:24.0593 5712 sym_hi - ok
13:12:24.0593 5712 sym_u3 - ok
13:12:24.0656 5712 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
13:12:24.0656 5712 sysaudio - ok
13:12:24.0718 5712 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
13:12:24.0734 5712 SysmonLog - ok
13:12:24.0781 5712 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
13:12:24.0796 5712 TapiSrv - ok
13:12:24.0875 5712 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:12:24.0890 5712 Tcpip - ok
13:12:24.0937 5712 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
13:12:24.0968 5712 TDPIPE - ok
13:12:25.0000 5712 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
13:12:25.0000 5712 TDTCP - ok
13:12:25.0046 5712 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
13:12:25.0046 5712 TermDD - ok
13:12:25.0078 5712 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
13:12:25.0093 5712 TermService - ok
13:12:25.0156 5712 Themes (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
13:12:25.0171 5712 Themes - ok
13:12:25.0218 5712 TlntSvr (cd0cc7b167d78043a41c98d4921efb54) C:\WINDOWS\System32\tlntsvr.exe
13:12:25.0234 5712 TlntSvr - ok
13:12:25.0234 5712 TosIde - ok
13:12:25.0312 5712 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
13:12:25.0312 5712 TrkWks - ok
13:12:25.0375 5712 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
13:12:25.0375 5712 Udfs - ok
13:12:25.0406 5712 UIUSys - ok
13:12:25.0421 5712 ultra - ok
13:12:25.0515 5712 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
13:12:25.0562 5712 Update - ok
13:12:25.0718 5712 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
13:12:25.0734 5712 upnphost - ok
13:12:25.0750 5712 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
13:12:25.0765 5712 UPS - ok
13:12:25.0796 5712 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:12:25.0796 5712 usbehci - ok
13:12:25.0859 5712 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:12:25.0875 5712 usbhub - ok
13:12:25.0906 5712 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:12:25.0921 5712 usbscan - ok
13:12:25.0953 5712 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:12:25.0953 5712 USBSTOR - ok
13:12:25.0968 5712 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
13:12:25.0968 5712 usbuhci - ok
13:12:26.0031 5712 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys
13:12:26.0031 5712 usb_rndisx - ok
13:12:26.0031 5712 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
13:12:26.0046 5712 VgaSave - ok
13:12:26.0046 5712 ViaIde - ok
13:12:26.0062 5712 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
13:12:26.0078 5712 VolSnap - ok
13:12:26.0140 5712 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
13:12:26.0156 5712 VSS - ok
13:12:26.0203 5712 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\System32\w32time.dll
13:12:26.0218 5712 W32Time - ok
13:12:26.0250 5712 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:12:26.0250 5712 Wanarp - ok
13:12:26.0296 5712 wceusbsh (46a247f6617526afe38b6f12f5512120) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
13:12:26.0296 5712 wceusbsh - ok
13:12:26.0312 5712 WDICA - ok
13:12:26.0359 5712 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
13:12:26.0375 5712 wdmaud - ok
13:12:26.0390 5712 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
13:12:26.0406 5712 WebClient - ok
13:12:26.0515 5712 winachsf (ba6b6fb242a6ba4068c8b763063beb63) C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
13:12:26.0531 5712 winachsf - ok
13:12:26.0656 5712 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
13:12:26.0671 5712 winmgmt - ok
13:12:26.0734 5712 wltrysvc - ok
13:12:26.0781 5712 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
13:12:26.0796 5712 WmdmPmSN - ok
13:12:26.0875 5712 Wmi (0171cff34bba8c5977f18c48d8aef8c6) C:\WINDOWS\System32\advapi32.dll
13:12:26.0906 5712 Wmi - ok
13:12:26.0984 5712 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
13:12:26.0984 5712 WmiAcpi - ok
13:12:27.0062 5712 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\System32\wbem\wmiapsrv.exe
13:12:27.0062 5712 WmiApSrv - ok
13:12:27.0281 5712 WMPNetworkSvc (3739866d20abd42f26a7b85f9e2560af) C:\Program Files\Windows Media Player\WMPNetwk.exe
13:12:27.0312 5712 WMPNetworkSvc - ok
13:12:27.0359 5712 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
13:12:27.0359 5712 WpdUsb - ok
13:12:27.0390 5712 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
13:12:27.0406 5712 WS2IFSL - ok
13:12:27.0468 5712 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
13:12:27.0484 5712 wscsvc - ok
13:12:27.0484 5712 WSearch - ok
13:12:27.0546 5712 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
13:12:27.0546 5712 wuauserv - ok
13:12:27.0609 5712 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
13:12:27.0625 5712 WudfPf - ok
13:12:27.0640 5712 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
13:12:27.0640 5712 WudfRd - ok
13:12:27.0656 5712 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
13:12:27.0656 5712 WudfSvc - ok
13:12:27.0750 5712 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
13:12:27.0796 5712 WZCSVC - ok
13:12:27.0828 5712 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
13:12:27.0828 5712 xmlprov - ok
13:12:27.0875 5712 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
13:12:28.0515 5712 \Device\Harddisk0\DR0 - ok
13:12:28.0515 5712 Boot (0x1200) (6e8215355906f16380dd1b81525f5b51) \Device\Harddisk0\DR0\Partition0
13:12:28.0515 5712 \Device\Harddisk0\DR0\Partition0 - ok
13:12:28.0515 5712 ============================================================
13:12:28.0515 5712 Scan finished
13:12:28.0515 5712 ============================================================
13:12:28.0531 5700 Detected object count: 0
13:12:28.0531 5700 Actual detected object count: 0
13:12:36.0328 2656 Deinitialize success
Re: The laptop is once again not in good shape
ComboFix 12-07-30.03 - pechy 01.08.2012 13:31:44.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.502.129 [GMT 2:00]
Spuštěný z: c:\documents and settings\pechy\Dokumenty\Downloads\ComboFix.exe
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\_ctypes.pyd
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\_elementtree.pyd
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\_hashlib.pyd
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\_socket.pyd
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\_ssl.pyd
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\pyexpat.pyd
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\pysqlite2._sqlite.pyd
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\python26.dll
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\pythoncom26.dll
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\PyWinTypes26.dll
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\select.pyd
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\unicodedata.pyd
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\win32api.pyd
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\win32com.shell.shell.pyd
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\win32crypt.pyd
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\win32event.pyd
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\win32file.pyd
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\win32inet.pyd
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\win32pdh.pyd
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\win32process.pyd
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\windows._cacheinvalidation.pyd
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\wx._controls_.pyd
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\wx._core_.pyd
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\wx._gdi_.pyd
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\wx._html2.pyd
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\wx._misc_.pyd
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\wx._windows_.pyd
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\wx._wizard.pyd
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\wxbase293u_net_vc.dll
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\wxbase293u_vc.dll
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\wxmsw293u_adv_vc.dll
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\wxmsw293u_core_vc.dll
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\wxmsw293u_html_vc.dll
c:\docume~1\pechy\LOCALS~1\Temp\_MEI25882\wxmsw293u_webview_vc.dll
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\_ctypes.pyd
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\_elementtree.pyd
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\_hashlib.pyd
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\_socket.pyd
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\_ssl.pyd
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\pyexpat.pyd
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\pysqlite2._sqlite.pyd
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\python26.dll
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\pythoncom26.dll
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\PyWinTypes26.dll
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\select.pyd
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\unicodedata.pyd
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\win32api.pyd
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\win32com.shell.shell.pyd
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\win32crypt.pyd
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\win32event.pyd
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\win32file.pyd
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\win32inet.pyd
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\win32pdh.pyd
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\win32process.pyd
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\windows._cacheinvalidation.pyd
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\wx._controls_.pyd
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\wx._core_.pyd
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\wx._gdi_.pyd
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\wx._html2.pyd
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\wx._misc_.pyd
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\wx._windows_.pyd
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\wx._wizard.pyd
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\wxbase293u_net_vc.dll
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\wxbase293u_vc.dll
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\wxmsw293u_adv_vc.dll
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\wxmsw293u_core_vc.dll
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\wxmsw293u_html_vc.dll
c:\documents and settings\pechy\Local Settings\Temp\_MEI25882\wxmsw293u_webview_vc.dll
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\DEBUG.log
c:\windows\system32\dllcache\dlimport.exe
c:\windows\system32\dllcache\wmpvis.dll
c:\windows\system32\ijl11.dll
c:\windows\system32\muzapp.exe
c:\windows\system32\vbpng1.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-01 do 2012-08-01 )))))))))))))))))))))))))))))))
.
.
2012-08-01 06:19 . 2012-08-01 06:20 -------- d-----w- c:\program files\CrystalDiskInfo
2012-08-01 05:00 . 2012-08-01 05:00 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-07-31 22:02 . 2012-07-31 22:02 -------- d-----w- c:\documents and settings\pechy\Data aplikací\Malwarebytes
2012-07-31 22:01 . 2012-07-31 22:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-07-31 22:01 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-31 22:01 . 2012-07-31 22:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-07-31 18:43 . 2012-07-31 18:43 388096 ----a-r- c:\documents and settings\pechy\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-07-31 18:43 . 2012-07-31 18:43 -------- d-----w- c:\program files\Trend Micro
2012-07-27 17:51 . 2001-08-17 19:51 19584 -c--a-w- c:\windows\system32\dllcache\rasirda.sys
2012-07-27 17:51 . 2001-08-17 19:51 19584 ----a-w- c:\windows\system32\drivers\rasirda.sys
2012-07-27 17:51 . 2008-04-14 03:22 152064 -c--a-w- c:\windows\system32\dllcache\irftp.exe
2012-07-27 17:51 . 2008-04-14 03:22 152064 ----a-w- c:\windows\system32\irftp.exe
2012-07-27 17:51 . 2008-04-14 03:21 27648 -c--a-w- c:\windows\system32\dllcache\irmon.dll
2012-07-27 17:51 . 2008-04-14 03:21 27648 ----a-w- c:\windows\system32\irmon.dll
2012-07-27 17:51 . 2008-04-13 18:54 88192 -c--a-w- c:\windows\system32\dllcache\irda.sys
2012-07-27 17:51 . 2008-04-13 18:54 88192 ----a-w- c:\windows\system32\drivers\irda.sys
2012-07-27 17:50 . 2001-08-17 19:49 26624 -c--a-w- c:\windows\system32\dllcache\irstusb.sys
2012-07-27 17:50 . 2001-08-17 19:49 26624 ----a-w- c:\windows\system32\drivers\irstusb.sys
2012-07-27 17:43 . 2006-10-25 15:05 640000 ----a-w- c:\windows\system32\Calculate.dll
2012-07-27 17:43 . 2004-07-05 08:52 15259 ----a-w- c:\windows\system32\compress.exe
2012-07-27 17:42 . 2012-07-27 17:43 -------- d-----w- c:\program files\SmartTRAK
2012-07-24 08:18 . 2012-07-24 14:12 -------- d-----w- c:\documents and settings\pechy\Data aplikací\GeoSetter
2012-07-24 08:17 . 2012-07-24 08:17 -------- d-----w- c:\program files\GeoSetter
2012-07-24 07:08 . 2012-07-24 07:08 -------- d-----r- c:\program files\Skype
2012-07-24 07:08 . 2012-07-24 07:08 -------- d-----w- c:\program files\Common Files\Skype
2012-07-06 14:49 . 2012-07-06 15:34 -------- d-----w- C:\j
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-27 08:51 . 2012-04-09 17:22 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-27 08:51 . 2011-10-21 16:43 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-13 13:55 . 2001-10-25 12:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-06-05 15:49 . 2009-08-19 15:07 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:49 . 2001-10-25 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2001-10-25 12:00 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2009-08-06 17:24 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2009-08-06 17:24 22552 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2011-10-21 16:01 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2011-10-21 16:01 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2011-10-21 16:01 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2011-10-21 16:01 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2011-10-21 12:54 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2009-08-06 17:24 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2009-08-06 17:24 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2009-08-06 17:24 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2001-10-25 12:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2011-10-21 16:01 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2011-10-21 12:54 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 13:19 . 2011-12-16 18:34 17648 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 13:18 . 2011-12-16 18:34 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 13:18 . 2009-08-06 18:23 214256 ----a-w- c:\windows\system32\muweb.dll
2012-05-31 13:22 . 2001-10-25 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2012-05-24 21:18 . 2012-05-24 21:18 4472832 ----a-w- c:\windows\system32\GPhotos.scr
2012-05-16 15:09 . 2001-10-25 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-11 14:44 . 2001-10-25 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2012-05-11 14:44 . 2001-10-25 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-05-11 11:38 . 2011-10-21 16:01 385024 ------w- c:\windows\system32\html.iec
2012-05-05 03:14 . 2001-10-25 12:00 2150400 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-05 03:14 . 2001-10-24 11:46 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-08-11 11:18 . 2011-08-11 11:18 128960 ----a-w- c:\program files\mozilla firefox\plugins\CCMSDK.dll
2011-08-10 22:16 . 2011-08-10 22:16 96192 ----a-w- c:\program files\mozilla firefox\plugins\CgpCore.dll
2011-08-11 11:18 . 2011-08-11 11:18 92096 ----a-w- c:\program files\mozilla firefox\plugins\confmgr.dll
2011-08-11 11:18 . 2011-08-11 11:18 22976 ----a-w- c:\program files\mozilla firefox\plugins\ctxlogging.dll
2011-08-11 11:18 . 2011-08-11 11:18 370624 ----a-w- c:\program files\mozilla firefox\plugins\ctxmui.dll
2011-08-11 11:18 . 2011-08-11 11:18 32192 ----a-w- c:\program files\mozilla firefox\plugins\icafile.dll
2011-08-11 11:18 . 2011-08-11 11:18 40896 ----a-w- c:\program files\mozilla firefox\plugins\icalogon.dll
2011-08-10 22:18 . 2011-08-10 22:18 898480 ----a-w- c:\program files\mozilla firefox\plugins\sslsdk_b.dll
2011-08-10 22:16 . 2011-08-10 22:16 24512 ----a-w- c:\program files\mozilla firefox\plugins\TcpPServ.dll
2012-06-11 06:28 . 2012-01-07 22:13 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-06-20 17:02 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-06-20 17:02 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-06-20 17:02 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-06-20 17:02 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files\Google\Drive\googledrivesync.exe" [2012-06-20 12163848]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\System32\igfxtray.exe" [2007-03-30 138008]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2007-03-30 162584]
"Persistence"="c:\windows\System32\igfxpers.exe" [2007-03-30 138008]
"Broadcom Wireless Manager UI"="c:\windows\System32\WLTRAY.exe" [2007-10-09 2183168]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\stsystra.exe" [2007-05-10 405504]
"ConnectionCenter"="c:\program files\Citrix\ICA Client\redirector.exe" [2011-08-11 128960]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\pechy\Nabídka Start\Programy\Po spuštění\
Facebook Messenger.lnk - c:\documents and settings\pechy\Local Settings\Data aplikací\Facebook\Messenger\2.1.4590.0\FacebookMessenger.exe [2012-7-26 244656]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-5-24 622653]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Citrix\ICACLI~1\RSHook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Maxthon3\\Bin\\MxUp.exe"=
"c:\\Program Files\\Maxthon3\\Bin\\Maxthon.exe"=
"c:\\Program Files\\Maxthon3\\Modules\\MxMiniThunder\\ThunderMini.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"139:TCP"= 139:TCP:LocalSubNet,89.250.245.10/255.255.255.255:Enabled:@xpsp2res.dll,-22004
"445:TCP"= 445:TCP:LocalSubNet,89.250.245.10/255.255.255.255:Enabled:@xpsp2res.dll,-22005
"137:UDP"= 137:UDP:LocalSubNet,89.250.245.10/255.255.255.255:Enabled:@xpsp2res.dll,-22001
"138:UDP"= 138:UDP:LocalSubNet,89.250.245.10/255.255.255.255:Enabled:@xpsp2res.dll,-22002
"2221:TCP"= 2221:TCP:Esset2221
"2222:TCP"= 2222:TCP:Esset2222
"2223:TCP"= 2223:TCP:Esset2223
"2224:TCP"= 2224:TCP:Esset2224
"2846:TCP"= 2846:TCP:Esset2846
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\RemoteAdminSettings]
"RemoteAddresses"= LocalSubNet,89.250.245.10/255.255.255.255
"Enabled"= 1 (0x1)
.
R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [25.4.2011 1:49 66776]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [28.3.2012 9:57 242240]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [21.12.2010 15:04 118104]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [21.12.2010 13:47 103112]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [1.8.2012 0:01 22344]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [1.8.2012 7:00 40776]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 08:51]
.
2012-08-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-05-18 15:10]
.
2012-08-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-05-18 15:10]
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
DPF: {9EF2BA47-C6A7-470D-9DD9-4323B0CB8353} - hxxp://vrchoslav.araxon.cz/WebClient.cab
FF - ProfilePath - c:\documents and settings\pechy\Data aplikací\Mozilla\Firefox\Profiles\nrah0ski.default\
FF - prefs.js: browser.startup.homepage - www.facebook.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-01 13:44
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1064)
c:\windows\System32\BCMLogon.dll
.
- - - - - - - > 'explorer.exe'(2416)
c:\program files\Google\Drive\googledrivesync32.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\System32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe
c:\windows\System32\WLTRYSVC.EXE
c:\windows\System32\bcmwltry.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\wscntfy.exe
c:\windows\System32\wbem\wmiapsrv.exe
c:\windows\System32\igfxsrvc.exe
c:\progra~1\MICROS~3\rapimgr.exe
c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
.
**************************************************************************
.
Celkový čas: 2012-08-01 14:00:35 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-08-01 12:00
.
Před spuštěním: 1 009 889 280
Po spuštění: 1 014 763 520
.
- - End Of File - - DD31A78C5A4AE46D60390072C69E54C9
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-06-20 17:02 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-06-20 17:02 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-06-20 17:02 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-06-20 17:02 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files\Google\Drive\googledrivesync.exe" [2012-06-20 12163848]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\System32\igfxtray.exe" [2007-03-30 138008]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2007-03-30 162584]
"Persistence"="c:\windows\System32\igfxpers.exe" [2007-03-30 138008]
"Broadcom Wireless Manager UI"="c:\windows\System32\WLTRAY.exe" [2007-10-09 2183168]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\stsystra.exe" [2007-05-10 405504]
"ConnectionCenter"="c:\program files\Citrix\ICA Client\redirector.exe" [2011-08-11 128960]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\pechy\Nabídka Start\Programy\Po spuštění\
Facebook Messenger.lnk - c:\documents and settings\pechy\Local Settings\Data aplikací\Facebook\Messenger\2.1.4590.0\FacebookMessenger.exe [2012-7-26 244656]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-5-24 622653]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Citrix\ICACLI~1\RSHook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Maxthon3\\Bin\\MxUp.exe"=
"c:\\Program Files\\Maxthon3\\Bin\\Maxthon.exe"=
"c:\\Program Files\\Maxthon3\\Modules\\MxMiniThunder\\ThunderMini.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"139:TCP"= 139:TCP:LocalSubNet,89.250.245.10/255.255.255.255:Enabled:@xpsp2res.dll,-22004
"445:TCP"= 445:TCP:LocalSubNet,89.250.245.10/255.255.255.255:Enabled:@xpsp2res.dll,-22005
"137:UDP"= 137:UDP:LocalSubNet,89.250.245.10/255.255.255.255:Enabled:@xpsp2res.dll,-22001
"138:UDP"= 138:UDP:LocalSubNet,89.250.245.10/255.255.255.255:Enabled:@xpsp2res.dll,-22002
"2221:TCP"= 2221:TCP:Esset2221
"2222:TCP"= 2222:TCP:Esset2222
"2223:TCP"= 2223:TCP:Esset2223
"2224:TCP"= 2224:TCP:Esset2224
"2846:TCP"= 2846:TCP:Esset2846
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\RemoteAdminSettings]
"RemoteAddresses"= LocalSubNet,89.250.245.10/255.255.255.255
"Enabled"= 1 (0x1)
.
R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [25.4.2011 1:49 66776]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [28.3.2012 9:57 242240]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [21.12.2010 15:04 118104]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [21.12.2010 13:47 103112]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [1.8.2012 0:01 22344]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [1.8.2012 7:00 40776]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 08:51]
.
2012-08-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-05-18 15:10]
.
2012-08-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-05-18 15:10]
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
DPF: {9EF2BA47-C6A7-470D-9DD9-4323B0CB8353} - hxxp://vrchoslav.araxon.cz/WebClient.cab
FF - ProfilePath - c:\documents and settings\pechy\Data aplikací\Mozilla\Firefox\Profiles\nrah0ski.default\
FF - prefs.js: browser.startup.homepage - www.facebook.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-01 13:44
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1064)
c:\windows\System32\BCMLogon.dll
.
- - - - - - - > 'explorer.exe'(2416)
c:\program files\Google\Drive\googledrivesync32.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\System32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe
c:\windows\System32\WLTRYSVC.EXE
c:\windows\System32\bcmwltry.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\wscntfy.exe
c:\windows\System32\wbem\wmiapsrv.exe
c:\windows\System32\igfxsrvc.exe
c:\progra~1\MICROS~3\rapimgr.exe
c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
.
**************************************************************************
.
Celkový čas: 2012-08-01 14:00:35 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-08-01 12:00
.
Před spuštěním: 1 009 889 280
Po spuštění: 1 014 763 520
.
- - End Of File - - DD31A78C5A4AE46D60390072C69E54C9
Žbeky (Moderator)
Re: The laptop is not in great shape again
Do you know the folder C:\j?
And likewise these ports:
"2221:TCP"= 2221:TCP:Esset2221
"2222:TCP"= 2222:TCP:Esset2222
"2223:TCP"= 2223:TCP:Esset2223
"2224:TCP"= 2224:TCP:Esset2224
"2846:TCP"= 2846:TCP:Esset2846
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script.
Code:
KillAll::
Folder::
c:\program files\Google\Update
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process
Re: The laptop is not in great shape again
Well, somehow it isn't working for me. I put the script into ComboFix, it chewed through it, ran, and at the end a dialog came up saying it would look for some infected files and that it could take about 10 minutes. For me it ran from midnight yesterday until this morning, then a restart of the laptop... then I tried it again, for about an hour, and again without success..... so the log simply never came out..
Otherwise, I do know the folder C:\j, it's a backup of a phone...
"2221:TCP"= 2221:TCP:Esset2221
"2222:TCP"= 2222:TCP:Esset2222
"2223:TCP"= 2223:TCP:Esset2223
"2224:TCP"= 2224:TCP:Esset2224
"2846:TCP"= 2846:TCP:Esset2846
These I don't know..
Also, the laptop has now slowed down by another half, so now it hardly runs at all

jaro3 (Security team member)
Re: The laptop is not in great shape again
That ESET, you have leftovers of it there; which type was it?
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Re: The laptop is not in great shape again
It should be that 30-day trial version of NOD32.... and I probably cycled it a few times....