After the operating system boots to the initial screen, I get the message "Vstupní bod procedury SymSetSymWithAddr 64 se nepodařilo v dynamicky propojované knihovně DBGHELP.dll nalézt" (the procedure entry point SymSetSymWithAddr 64 could not be located in the dynamic link library DBGHELP.dll). I have XP Home. I tried running regsvr32 dbghelp.dll at the command prompt and it told me that dbghelp.dll was loaded, but the DllRegisterServer entry point was not found. This file cannot be registered.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:13:15, on 13.6.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\bcmwltry.exe
C:\Program Files\ASUS\EPU-6 Engine\SixEngine.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\1_hry\Phone\Skype.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
C:\Program Files\Belkin\Belkin 802.11g Wireless PCI Card Configuration Utility\utility.exe
C:\Program Files\Belkin\F5D7000v7032\Belkinwcui.exe
C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe
C:\ASUS.SYS\config\DVMExportService.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Uživatel\Plocha\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\1_hry\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [GEST] =
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [bcmwltry] bcmwltry.exe
O4 - HKLM\..\Run: [removecpl] RemoveCpl.exe
O4 - HKLM\..\Run: [Six Engine] "C:\Program Files\ASUS\EPU-6 Engine\SixEngine.exe" -b
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
O4 - HKLM\..\Run: [Nokia FastStart] "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON Stylus SX200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE /FU "C:\WINDOWS\TEMP\E_S102.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\1_hry\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [NVIDIA driver monitor] C:\WINDOWS\nvsvc32.exe
O4 - HKCU\..\Run: [RemoTerm.exe] C:\Program Files\Common Files\PCTV Systems\RemoTerm\RemoTerm.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O4 - Global Startup: Belkin 802.11g Wireless PCI Card Configuration Utility.lnk = ?
O4 - Global Startup: Belkin Wireless G Desktop Card Client Utility.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Pinnacle Streaming Server.lnk = C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\1_hry\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\1_hry\ICQ7.0\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\1_hry\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\1_hry\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{E0015BB1-ADED-4CA6-BC07-EF371D11BD29}: NameServer = 10.0.0.138
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\1_hry\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
--
End of file - 11557 bytes
Please check the log and advise (Solved)
- Žbeky
- Moderator
Re: Please check the log and advise
Uninstall:
ICQToolBar
Google Toolbar
Fix:
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [GEST] =
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox, click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
- If you use Chrome, don't select anything else and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Provést rychlý sken) option selected and click the Scan (Skenovat) button
- when the program finishes, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message will appear, so choose Yes
(DO NOT DELETE ANYTHING YOURSELF YET!).
Then paste the contents of that log here.
In private messages I only deal with matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.
Re: Please check the log and advise
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.61.0.1400
www.malwarebytes.org
Verze databáze: v2012.06.14.08
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Uživatel :: U-CFC2265D51644 [administrátor]
Ochrana: Povolena
14.6.2012 19:06:02
mbam-log-2012-06-14 (19-26-28).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 222602
Uplynulý čas: 18 minut, 26 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run|NVIDIA driver monitor (Backdoor.Agent) -> Data: C:\WINDOWS\nvsvc32.exe -> Žádná instrukce nebyla provedena.
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
- Žbeky
- Moderator
Re: Please check the log and advise
Run MbAM again and click Scan
- when the program finishes, a message will appear; click OK and then the Show Results button
- make sure all listed findings are checked and click the Remove Selected button
- when the removal finishes, a log will be displayed; post it here.
- then choose OK in the program and close the program via Exit
Turn off the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by clicking Yes
- Then follow the instructions; while ComboFix is running, do not click in the window it displays
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If, after the scan, there is a problem launching applications, or a message pops up about an attempt to perform an invalid operation on a registry key that has been marked for deletion, simply restart the computer.
Re: Please check the log and advise
Why should I turn off the resident shield, and where do I turn it off?
Re: Please check the log and advise
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.61.0.1400
www.malwarebytes.org
Verze databáze: v2012.06.14.08
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Uživatel :: U-CFC2265D51644 [administrátor]
Ochrana: Povolena
14.6.2012 21:05:51
mbam-log-2012-06-14 (21-05-51).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 222475
Uplynulý čas: 14 minut, 7 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run|NVIDIA driver monitor (Backdoor.Agent) -> Data: C:\WINDOWS\nvsvc32.exe -> Umístnění do karantény a smazání se zdařilo.
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
Re: Please check the log and advise
ComboFix 12-06-14.01 - Uživatel 14.06.2012 21:49:25.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3327.2465 [GMT 2:00]
Spuštěný z: c:\documents and settings\Uživatel\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\program files\Mozilla Maintenance Service
c:\program files\Mozilla Maintenance Service\maintenanceservice.exe
c:\program files\Mozilla Maintenance Service\Uninstall.exe
c:\program files\Mozilla Maintenance Service\updater.ini
c:\windows\attach.log
c:\windows\IsUn0405.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\WINXP
c:\windows\system32\WINXP\msgclose.exe
c:\windows\system32\WINXP\setup.inx
c:\windows\XSxS
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_MozillaMaintenance
-------\Service_MozillaMaintenance
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-05-14 do 2012-06-14 )))))))))))))))))))))))))))))))
.
.
2012-06-14 17:04 . 2012-06-14 17:04 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Malwarebytes
2012-06-14 17:04 . 2012-06-14 17:04 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-06-14 17:04 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-14 13:48 . 2012-05-11 14:44 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2012-06-08 20:08 . 2012-06-08 20:08 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll
2012-06-08 20:08 . 2012-06-08 20:08 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll
2012-06-08 15:08 . 2012-06-10 18:36 -------- d-----w- c:\documents and settings\All Users\Data aplikac
2012-06-08 15:02 . 2012-06-08 15:02 -------- d-----w- c:\program files\SmartSound Software
2012-06-08 15:01 . 2004-07-02 14:28 84992 ----a-w- c:\windows\system32\ATL70.DLL
2012-06-08 14:59 . 2005-02-09 09:59 14165 ----a-w- c:\windows\system32\drivers\Pclepci.sys
2012-06-08 14:59 . 2004-02-24 10:04 41219 ----a-w- c:\windows\RSETPATH.exe
2012-06-08 14:56 . 2005-03-21 17:04 729088 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2012-06-08 14:56 . 2003-11-10 16:13 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2012-06-08 14:56 . 2003-11-10 16:12 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2012-06-08 14:56 . 2003-11-10 16:12 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2012-06-08 14:56 . 2003-11-10 16:11 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2012-06-08 14:56 . 2012-06-08 14:56 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2012-06-08 14:56 . 2012-06-08 14:56 188548 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2012-06-08 14:43 . 2012-06-08 14:43 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Publish Providers
2012-06-08 14:40 . 2012-06-08 14:40 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\Sony
2012-06-08 14:35 . 2012-06-08 14:35 -------- d-----w- c:\program files\Sony
2012-06-08 14:34 . 2012-06-08 14:43 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Sony
2012-06-06 16:12 . 2012-06-06 16:12 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Unigraphics Solutions
2012-06-06 16:09 . 2012-06-06 16:09 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\Femap
2012-06-06 16:04 . 2012-06-06 16:13 -------- d-----w- c:\program files\Solid Edge ST4
2012-06-06 16:01 . 2012-06-06 16:01 -------- d-----w- c:\program files\Microsoft.NET
2012-05-29 16:41 . 2012-05-29 16:41 -------- d-----w- c:\program files\Common Files\Java
2012-05-29 16:40 . 2012-05-29 16:40 143872 ----a-w- c:\windows\system32javacpl.cpl
2012-05-27 17:43 . 2012-05-27 17:43 -------- d-----w- c:\program files\Lame For Audacity
2012-05-21 18:39 . 2012-05-21 18:39 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Design Science
2012-05-21 18:39 . 2012-05-21 18:39 -------- d-----w- c:\program files\MathType
2012-05-21 18:05 . 2012-05-21 18:05 -------- d-----w- c:\program files\Rapid-Pi
2012-05-21 13:42 . 2012-05-21 13:42 -------- d-----w- C:\angličtina
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-11 15:33 . 2012-04-02 14:10 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-11 15:33 . 2011-05-15 11:22 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-31 13:22 . 2008-04-14 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2012-05-16 15:09 . 2008-04-14 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 13:55 . 2008-04-14 12:00 1863168 ------w- c:\windows\system32\win32k.sys
2012-05-11 14:44 . 2008-04-14 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2012-05-11 14:44 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-05-11 11:38 . 2008-04-14 12:00 385024 ------w- c:\windows\system32\html.iec
2012-05-05 03:14 . 2008-04-14 12:00 2150400 ------w- c:\windows\system32\ntoskrnl.exe
2012-05-05 03:14 . 2008-04-14 08:06 2028544 ------w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46 . 2002-01-01 20:24 139656 ------w- c:\windows\system32\drivers\rdpwd.sys
2012-04-04 16:47 . 2011-01-18 18:18 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-04-04 16:47 . 2012-01-27 17:43 772504 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-04-04 16:47 . 2011-01-18 18:18 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-20 18:44 . 2012-03-20 18:44 171064 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-06-08 20:08 . 2011-03-28 15:02 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2007-09-04 95536]
"Skype"="c:\1_hry\Phone\Skype.exe" [2010-03-09 26100520]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2011-04-22 247728]
"PMCRemote"="c:\program files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe" [2008-11-18 226576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GEST"="=" [X]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-08-12 1657376]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-17 13877248]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-08-17 86016]
"RTHDCPL"="RTHDCPL.EXE" [2009-05-21 17881600]
"bcmwltry"="bcmwltry.exe" [2003-07-25 462848]
"Six Engine"="c:\program files\ASUS\EPU-6 Engine\SixEngine.exe" [2009-06-26 6036992]
"Nokia FastStart"="c:\program files\Nokia\Nokia Music\NokiaMusic.exe" [2009-02-26 2376992]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2007-09-04 54576]
"WheelMouse"="c:\program files\A4Tech\Mouse\Amoumain.exe" [2007-05-15 204800]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-01-03 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"PinnacleDriverCheck"="c:\windows\system32\\PSDrvCheck.exe" [2004-03-10 406016]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
AutoCAD Startup Accelerator.lnk - c:\program files\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000]
Belkin 802.11g Wireless PCI Card Configuration Utility.lnk - c:\program files\Belkin\Belkin 802.11g Wireless PCI Card Configuration Utility\utility.exe [2009-10-3 327765]
Belkin Wireless G Desktop Card Client Utility.lnk - c:\program files\Belkin\F5D7000v7032\Belkinwcui.exe [2009-10-3 1560576]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [2000-1-21 65588]
Pinnacle Streaming Server.lnk - c:\program files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe [2008-3-25 603408]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\1_hry\\FlatOut Ultimate Carnage\\Fouc.exe"=
"c:\\1_hry\\Plugin Manager\\skypePM.exe"=
"c:\\1_hry\\ICQ7.0\\ICQ.exe"=
"c:\\1_hry\\ICQ7.0\\aolload.exe"=
"c:\\1_sta~eno\\11tor\\uTorrent.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\1_hry\\Phone\\Skype.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"=
.
R2 AsSysCtrlService;ASUS System Control Service;c:\program files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [4.10.2009 14:34 90112]
R2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [10.4.2009 18:29 294912]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [14.6.2012 19:04 654408]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [22.4.2011 14:21 92592]
R3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\progra~1\Belkin\BELKIN~1.11G\DNINDIS5.SYS [3.10.2009 13:59 17149]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [14.6.2012 19:04 22344]
R3 PinnacleRoyalTS;Pinnacle Systems RoyalTS Device;c:\windows\system32\drivers\RoyalTS.sys [17.11.2011 18:48 123520]
S1 MpKsl42f7ba3e;MpKsl42f7ba3e;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{02551F28-BE30-4539-8E2D-EDD86A472C5A}\MpKsl42f7ba3e.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{02551F28-BE30-4539-8E2D-EDD86A472C5A}\MpKsl42f7ba3e.sys [?]
S1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004;c:\windows\system32\DRIVERS\tdx.sys --> c:\windows\system32\DRIVERS\tdx.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-200;c:\windows\System32\svchost.exe -k NetSvcs [14.4.2008 14:00 14336]
S3 3xHybrid;Pinnacle PCTV 100i-110i-300i-310i-MCE;c:\windows\system32\drivers\3xHybrid.sys [4.10.2009 13:59 1121536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2.4.2012 16:10 257224]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [3.10.2009 12:52 1684736]
S3 azvusb;Virtual USB Hub;c:\windows\system32\drivers\azvusb.sys [24.8.2009 10:14 44544]
S3 Belkin700F;Belkin Wireless G Desktop Card Service v7;c:\windows\system32\drivers\BLKWGDv7.sys [3.10.2009 14:01 303616]
S3 PLCND532;PLCND532 NDIS Protocol Driver;c:\windows\system32\drivers\PLCND532.sys [14.12.2007 10:26 26656]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 14:37 517096]
S3 WinDefend;Windows Defender;c:\windows\System32\svchost.exe -k secsvcs [14.4.2008 14:00 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - IPHLPSVC
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2012-06-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 15:33]
.
2012-01-07 c:\windows\Tasks\AdobeAAMUpdater-1.0-U-CFC2265D51644-Uživatel.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2012-01-03 20:07]
.
2012-06-14 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]
.
2012-06-14 c:\windows\Tasks\MpIdleTask.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
TCP: Interfaces\{E0015BB1-ADED-4CA6-BC07-EF371D11BD29}: NameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\v7w8g95r.default\
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-RemoTerm.exe - c:\program files\Common Files\PCTV Systems\RemoTerm\RemoTerm.exe
HKLM-Run-removecpl - RemoveCpl.exe
AddRemove-Jak věci pracují 2.0 - c:\windows\IsUn0405.exe
AddRemove-MozillaMaintenanceService - c:\program files\Mozilla Maintenance Service\uninstall.exe
AddRemove-Nokia Maps Updater_is1 - c:\1_mobil\Nokia Maps Updater\Uninstall Information\unins000.exe
AddRemove-{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA} - c:\program files\InstallShield Installation Information\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}\Setup.exeUNINSTALL
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-06-14 21:56
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1424)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\documents and settings\Uživatel\Plocha\Nokia 6720\Nokia PC Suite 7\PhoneBrowser.dll
c:\documents and settings\Uživatel\Plocha\Nokia 6720\Nokia PC Suite 7\NGSCM.DLL
c:\documents and settings\Uživatel\Plocha\Nokia 6720\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\documents and settings\Uživatel\Plocha\Nokia 6720\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\RTHDCPL.EXE
c:\windows\system32\bcmwltry.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\windows\system32\msiexec.exe
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe
.
**************************************************************************
.
Celkový čas: 2012-06-14 22:01:33 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-06-14 20:01
.
Před spuštěním: Volných bajtů: 198 238 769 152
Po spuštění: Volných bajtů: 216 312 414 208
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 51055B7179CFEC35C79E49841ED79E72
Re: Please check the log and advise
but after booting it still reports savedump.exe - Entry point not found .....
but as you wrote at the beginning that I should fix it, I don't know whether it worked. What is the fixing actually for?
- jaro3
- member of the Security team
Re: Please check the log and advise
Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Extract the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt , please paste the entire contents of the log here.
Download aswMBR
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt appears offering to download the Avast database, click "No". Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
Download Dial-a-fix
Click the hammer (more options):
SFC scan - Runs the System File Checker tool (the Windows installation media may be needed).
Click the service and then GO.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
Re: Please check the log and advise
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-17 17:04:54
-----------------------------
17:04:54.109 OS Version: Windows 5.1.2600 Service Pack 3
17:04:54.109 Number of processors: 2 586 0x1706
17:04:54.109 ComputerName: U-CFC2265D51644 UserName: Administrator
17:04:54.828 Initialize success
17:05:20.765 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
17:05:20.765 Disk 0 Vendor: ST3500418AS CC34 Size: 476940MB BusType: 3
17:05:20.796 Disk 0 MBR read successfully
17:05:20.812 Disk 0 MBR scan
17:05:20.812 Disk 0 Windows XP default MBR code
17:05:20.828 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476929 MB offset 63
17:05:20.843 Disk 0 scanning sectors +976752000
17:05:20.921 Disk 0 scanning C:\WINDOWS\system32\drivers
17:05:26.640 Service scanning
17:05:38.046 Modules scanning
17:06:04.687 Disk 0 trace - called modules:
17:06:04.718 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
17:06:04.734 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a2f7ab8]
17:06:04.750 3 CLASSPNP.SYS[f7657fd7] -> nt!IofCallDriver -> \Device\00000072[0x8a30a338]
17:06:07.265 5 ACPI.sys[f75ae620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a309940]
17:06:07.390 Scan finished successfully
17:06:29.671 Disk 0 MBR has been saved successfully to "C:\
17:06:29.687 The log file has been saved successfully to "C:\
Re: Please check my log and advise
17:21:56.0031 3124 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
17:21:56.0328 3124 ============================================================
17:21:56.0328 3124 Current date / time: 2012/06/17 17:21:56.0328
17:21:56.0328 3124 SystemInfo:
17:21:56.0328 3124
17:21:56.0328 3124 OS Version: 5.1.2600 ServicePack: 3.0
17:21:56.0328 3124 Product type: Workstation
17:21:56.0328 3124 ComputerName: U-CFC2265D51644
17:21:56.0343 3124 UserName: Uživatel
17:21:56.0343 3124 Windows directory: C:\WINDOWS
17:21:56.0343 3124 System windows directory: C:\WINDOWS
17:21:56.0343 3124 Processor architecture: Intel x86
17:21:56.0343 3124 Number of processors: 2
17:21:56.0343 3124 Page size: 0x1000
17:21:56.0343 3124 Boot type: Safe boot with network
17:21:56.0343 3124 ============================================================
17:21:57.0687 3124 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:21:57.0687 3124 ============================================================
17:21:57.0687 3124 \Device\Harddisk0\DR0:
17:21:57.0687 3124 MBR partitions:
17:21:57.0687 3124 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
17:21:57.0687 3124 ============================================================
17:21:57.0734 3124 C: <-> \Device\Harddisk0\DR0\Partition0
17:21:57.0734 3124 ============================================================
17:21:57.0734 3124 Initialize success
17:21:57.0734 3124 ============================================================
17:22:00.0312 3524 ============================================================
17:22:00.0312 3524 Scan started
17:22:00.0312 3524 Mode: Manual;
17:22:00.0312 3524 ============================================================
17:22:01.0546 3524 3xHybrid (315a45b5a334ed03667b1aa95d4a1f15) C:\WINDOWS\system32\DRIVERS\3xHybrid.sys
17:22:01.0562 3524 3xHybrid - ok
17:22:01.0562 3524 Abiosdsk - ok
17:22:01.0593 3524 abp480n5 - ok
17:22:01.0640 3524 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:22:01.0640 3524 ACPI - ok
17:22:01.0671 3524 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
17:22:01.0671 3524 ACPIEC - ok
17:22:01.0750 3524 AdobeFlashPlayerUpdateSvc (f3cd7b20b27d1772c946df993ff3635c) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:22:01.0750 3524 AdobeFlashPlayerUpdateSvc - ok
17:22:01.0750 3524 adpu160m - ok
17:22:01.0796 3524 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
17:22:01.0796 3524 aec - ok
17:22:01.0843 3524 AegisP (30bb1bde595ca65fd5549462080d94e5) C:\WINDOWS\system32\DRIVERS\AegisP.sys
17:22:01.0843 3524 AegisP - ok
17:22:01.0875 3524 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
17:22:01.0875 3524 AFD - ok
17:22:01.0875 3524 Aha154x - ok
17:22:01.0890 3524 aic78u2 - ok
17:22:01.0906 3524 aic78xx - ok
17:22:01.0953 3524 Alerter (e0a6fa244b8624d78fe5ff6f56a33bae) C:\WINDOWS\system32\alrsvc.dll
17:22:01.0953 3524 Alerter - ok
17:22:01.0984 3524 ALG (88842de939a827577bf24243699ac80a) C:\WINDOWS\System32\alg.exe
17:22:01.0984 3524 ALG - ok
17:22:01.0984 3524 AliIde - ok
17:22:02.0046 3524 Ambfilt (f6af59d6eee5e1c304f7f73706ad11d8) C:\WINDOWS\system32\drivers\Ambfilt.sys
17:22:02.0062 3524 Ambfilt - ok
17:22:02.0234 3524 Amfilter (d716473c4f66c1173d3ca4e679f68743) C:\WINDOWS\system32\DRIVERS\Amfilter.sys
17:22:02.0234 3524 Amfilter - ok
17:22:02.0250 3524 amsint - ok
17:22:02.0265 3524 Amusbprt (0e264a9acb592f3fd91e742983db6a96) C:\WINDOWS\system32\DRIVERS\Amusbprt.sys
17:22:02.0265 3524 Amusbprt - ok
17:22:02.0281 3524 AppMgmt - ok
17:22:02.0343 3524 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
17:22:02.0343 3524 Arp1394 - ok
17:22:02.0359 3524 ASAPIW2K (875f9079cabee679d34b49e466b61701) C:\WINDOWS\system32\Drivers\ASAPIW2K.sys
17:22:02.0359 3524 ASAPIW2K - ok
17:22:02.0375 3524 asc - ok
17:22:02.0390 3524 asc3350p - ok
17:22:02.0390 3524 asc3550 - ok
17:22:02.0421 3524 AsIO (2b4e66fac6503494a2c6f32bb6ab3826) C:\WINDOWS\system32\drivers\AsIO.sys
17:22:02.0421 3524 AsIO - ok
17:22:02.0765 3524 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
17:22:02.0765 3524 aspnet_state - ok
17:22:02.0843 3524 AsSysCtrlService (e781164c7d47950e3d218c84b2901cb2) C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
17:22:02.0859 3524 AsSysCtrlService - ok
17:22:02.0890 3524 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:22:02.0890 3524 AsyncMac - ok
17:22:02.0921 3524 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
17:22:02.0921 3524 atapi - ok
17:22:02.0937 3524 Atdisk - ok
17:22:02.0984 3524 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:22:02.0984 3524 Atmarpc - ok
17:22:03.0031 3524 AudioSrv (de31b88962a8645dba5a37b993e7b0f1) C:\WINDOWS\System32\audiosrv.dll
17:22:03.0031 3524 AudioSrv - ok
17:22:03.0062 3524 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
17:22:03.0062 3524 audstub - ok
17:22:03.0109 3524 Autodesk Licensing Service (32a5defddc3562bf89d73586f5915b34) C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
17:22:03.0109 3524 Autodesk Licensing Service - ok
17:22:03.0156 3524 azvusb (0a5e8178eff1d8f109a95235aeb7d76f) C:\WINDOWS\system32\DRIVERS\azvusb.sys
17:22:03.0156 3524 azvusb - ok
17:22:03.0203 3524 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
17:22:03.0203 3524 Beep - ok
17:22:03.0250 3524 Belkin700F (1d26e3a3ea0234d54d14d4e45e2a84e9) C:\WINDOWS\system32\DRIVERS\BLKWGDv7.sys
17:22:03.0250 3524 Belkin700F - ok
17:22:03.0296 3524 BITS (19395d092fd85ddc2d9c7729cf5a2ac8) C:\WINDOWS\system32\qmgr.dll
17:22:03.0296 3524 BITS - ok
17:22:03.0328 3524 BridgeMP (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
17:22:03.0328 3524 BridgeMP - ok
17:22:03.0359 3524 Browser (249276d3ef1e74b992299cb96099e4d7) C:\WINDOWS\System32\browser.dll
17:22:03.0359 3524 Browser - ok
17:22:03.0359 3524 catchme - ok
17:22:03.0406 3524 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
17:22:03.0406 3524 cbidf2k - ok
17:22:03.0453 3524 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
17:22:03.0453 3524 CCDECODE - ok
17:22:03.0453 3524 cd20xrnt - ok
17:22:03.0484 3524 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
17:22:03.0484 3524 Cdaudio - ok
17:22:03.0515 3524 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
17:22:03.0531 3524 Cdfs - ok
17:22:03.0578 3524 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:22:03.0578 3524 Cdrom - ok
17:22:03.0593 3524 Changer - ok
17:22:03.0625 3524 CiSvc (e390dc1d7c461d7d56ec53402f329928) C:\WINDOWS\system32\cisvc.exe
17:22:03.0625 3524 CiSvc - ok
17:22:03.0625 3524 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\WINDOWS\system32\clipsrv.exe
17:22:03.0625 3524 ClipSrv - ok
17:22:03.0750 3524 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:22:03.0750 3524 clr_optimization_v2.0.50727_32 - ok
17:22:04.0031 3524 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:22:04.0031 3524 clr_optimization_v4.0.30319_32 - ok
17:22:04.0046 3524 CmdIde - ok
17:22:04.0062 3524 COMSysApp - ok
17:22:04.0078 3524 Cpqarray - ok
17:22:04.0125 3524 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\WINDOWS\System32\cryptsvc.dll
17:22:04.0125 3524 CryptSvc - ok
17:22:04.0140 3524 dac2w2k - ok
17:22:04.0156 3524 dac960nt - ok
17:22:04.0203 3524 DcomLaunch (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
17:22:04.0203 3524 DcomLaunch - ok
17:22:04.0218 3524 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\WINDOWS\System32\dhcpcsvc.dll
17:22:04.0218 3524 Dhcp - ok
17:22:04.0265 3524 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
17:22:04.0265 3524 Disk - ok
17:22:04.0265 3524 dmadmin - ok
17:22:04.0343 3524 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
17:22:04.0343 3524 dmboot - ok
17:22:04.0359 3524 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
17:22:04.0359 3524 dmio - ok
17:22:04.0406 3524 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
17:22:04.0406 3524 dmload - ok
17:22:04.0421 3524 dmserver (2bfefe9e865655a76982f050450b9591) C:\WINDOWS\System32\dmserver.dll
17:22:04.0421 3524 dmserver - ok
17:22:04.0468 3524 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
17:22:04.0468 3524 DMusic - ok
17:22:04.0562 3524 DNINDIS5 (d2ee54cdbced01d48f2b18642be79a98) C:\PROGRA~1\Belkin\BELKIN~1.11G\DNINDIS5.SYS
17:22:04.0562 3524 DNINDIS5 - ok
17:22:04.0593 3524 Dnscache (dfaa406bf19f4ee806a6f8d4342137f7) C:\WINDOWS\System32\dnsrslvr.dll
17:22:04.0593 3524 Dnscache - ok
17:22:04.0609 3524 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\WINDOWS\System32\dot3svc.dll
17:22:04.0609 3524 Dot3svc - ok
17:22:04.0609 3524 dpti2o - ok
17:22:04.0640 3524 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
17:22:04.0640 3524 drmkaud - ok
17:22:04.0734 3524 DvmMDES (355e50803a28af282a87faa2612b95ce) C:\ASUS.SYS\config\DVMExportService.exe
17:22:04.0734 3524 DvmMDES - ok
17:22:04.0750 3524 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\WINDOWS\System32\eapsvc.dll
17:22:04.0750 3524 EapHost - ok
17:22:04.0765 3524 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\WINDOWS\System32\ersvc.dll
17:22:04.0765 3524 ERSvc - ok
17:22:04.0828 3524 Eventlog (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
17:22:04.0828 3524 Eventlog - ok
17:22:04.0859 3524 EventSystem (a371f11ef07653591c8de26afb13ce7f) C:\WINDOWS\system32\es.dll
17:22:04.0859 3524 EventSystem - ok
17:22:04.0906 3524 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
17:22:04.0906 3524 Fastfat - ok
17:22:04.0953 3524 FastUserSwitchingCompatibility (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
17:22:04.0953 3524 FastUserSwitchingCompatibility - ok
17:22:04.0968 3524 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
17:22:04.0968 3524 Fdc - ok
17:22:04.0984 3524 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
17:22:04.0984 3524 Fips - ok
17:22:05.0078 3524 FLEXnet Licensing Service (d60ef46dc0e757fe5eb579db95b88954) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
17:22:05.0093 3524 FLEXnet Licensing Service - ok
17:22:05.0125 3524 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
17:22:05.0125 3524 Flpydisk - ok
17:22:05.0156 3524 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
17:22:05.0156 3524 FltMgr - ok
17:22:05.0234 3524 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:22:05.0234 3524 FontCache3.0.0.0 - ok
17:22:05.0265 3524 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:22:05.0265 3524 Fs_Rec - ok
17:22:05.0281 3524 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:22:05.0281 3524 Ftdisk - ok
17:22:05.0296 3524 gdrv (5c230948dd6652228f88ca7ae6cb276c) C:\WINDOWS\gdrv.sys
17:22:05.0296 3524 gdrv - ok
17:22:05.0328 3524 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:22:05.0328 3524 Gpc - ok
17:22:05.0343 3524 hamachi (7929a161f9951d173ca9900fe7067391) C:\WINDOWS\system32\DRIVERS\hamachi.sys
17:22:05.0343 3524 hamachi - ok
17:22:05.0390 3524 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
17:22:05.0390 3524 HDAudBus - ok
17:22:05.0437 3524 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:22:05.0437 3524 helpsvc - ok
17:22:05.0437 3524 HidServ - ok
17:22:05.0484 3524 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:22:05.0484 3524 HidUsb - ok
17:22:05.0500 3524 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\WINDOWS\System32\kmsvc.dll
17:22:05.0500 3524 hkmsvc - ok
17:22:05.0500 3524 hpn - ok
17:22:05.0562 3524 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
17:22:05.0562 3524 HTTP - ok
17:22:05.0578 3524 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
17:22:05.0578 3524 HTTPFilter - ok
17:22:05.0593 3524 i2omgmt - ok
17:22:05.0609 3524 i2omp - ok
17:22:05.0625 3524 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:22:05.0625 3524 i8042prt - ok
17:22:05.0734 3524 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:22:05.0750 3524 idsvc - ok
17:22:05.0765 3524 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
17:22:05.0765 3524 Imapi - ok
17:22:05.0781 3524 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\system32\imapi.exe
17:22:05.0781 3524 ImapiService - ok
17:22:05.0796 3524 ini910u - ok
17:22:05.0953 3524 IntcAzAudAddService (0cacdcbbc8e6f11e2865c47bfc509848) C:\WINDOWS\system32\drivers\RtkHDAud.sys
17:22:06.0031 3524 IntcAzAudAddService - ok
17:22:06.0203 3524 IntelIde - ok
17:22:06.0250 3524 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:22:06.0250 3524 intelppm - ok
17:22:06.0265 3524 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
17:22:06.0265 3524 Ip6Fw - ok
17:22:06.0312 3524 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:22:06.0312 3524 IpFilterDriver - ok
17:22:06.0312 3524 iphlpsvc - ok
17:22:06.0328 3524 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:22:06.0328 3524 IpInIp - ok
17:22:06.0359 3524 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:22:06.0359 3524 IpNat - ok
17:22:06.0375 3524 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:22:06.0375 3524 IPSec - ok
17:22:06.0421 3524 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
17:22:06.0421 3524 IRENUM - ok
17:22:06.0468 3524 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:22:06.0468 3524 isapnp - ok
17:22:06.0531 3524 JavaQuickStarterService (5472d771c0197355c1d347f20392b982) C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
17:22:06.0531 3524 JavaQuickStarterService - ok
17:22:06.0546 3524 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:22:06.0546 3524 Kbdclass - ok
17:22:06.0593 3524 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
17:22:06.0593 3524 kmixer - ok
17:22:06.0640 3524 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
17:22:06.0640 3524 KSecDD - ok
17:22:06.0656 3524 L1e (101457d884e3dd4636baefb9b7e7d3f3) C:\WINDOWS\system32\DRIVERS\l1e51x86.sys
17:22:06.0656 3524 L1e - ok
17:22:06.0687 3524 LanmanServer (3428e8f86f8add36b42fb23542c7b3e4) C:\WINDOWS\System32\srvsvc.dll
17:22:06.0687 3524 LanmanServer - ok
17:22:06.0734 3524 lanmanworkstation (936c1d110232d23b621cb0196e4f80f0) C:\WINDOWS\System32\wkssvc.dll
17:22:06.0734 3524 lanmanworkstation - ok
17:22:06.0734 3524 lbrtfdc - ok
17:22:06.0812 3524 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
17:22:06.0812 3524 LmHosts - ok
17:22:06.0843 3524 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys
17:22:06.0843 3524 MBAMProtector - ok
17:22:06.0875 3524 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
17:22:06.0890 3524 MBAMService - ok
17:22:06.0921 3524 MDC8021X (d7010580bf4e45d5e793a1fe75758c69) C:\WINDOWS\system32\DRIVERS\mdc8021x.sys
17:22:06.0921 3524 MDC8021X - ok
17:22:06.0984 3524 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
17:22:06.0984 3524 mnmdd - ok
17:22:07.0015 3524 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\system32\mnmsrvc.exe
17:22:07.0015 3524 mnmsrvc - ok
17:22:07.0031 3524 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
17:22:07.0046 3524 Modem - ok
17:22:07.0093 3524 Monfilt (9fa7207d1b1adead88ae8eed9cdbbaa5) C:\WINDOWS\system32\drivers\Monfilt.sys
17:22:07.0125 3524 Monfilt - ok
17:22:07.0312 3524 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:22:07.0312 3524 Mouclass - ok
17:22:07.0328 3524 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:22:07.0328 3524 mouhid - ok
17:22:07.0359 3524 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
17:22:07.0359 3524 MountMgr - ok
17:22:07.0406 3524 MPE (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
17:22:07.0406 3524 MPE - ok
17:22:07.0421 3524 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
17:22:07.0421 3524 MpFilter - ok
17:22:07.0468 3524 MpKsl42f7ba3e - ok
17:22:07.0484 3524 mraid35x - ok
17:22:07.0500 3524 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:22:07.0500 3524 MRxDAV - ok
17:22:07.0562 3524 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:22:07.0562 3524 MRxSmb - ok
17:22:07.0593 3524 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\system32\msdtc.exe
17:22:07.0593 3524 MSDTC - ok
17:22:07.0625 3524 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
17:22:07.0625 3524 Msfs - ok
17:22:07.0640 3524 MSIServer - ok
17:22:07.0703 3524 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:22:07.0703 3524 MSKSSRV - ok
17:22:07.0750 3524 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
17:22:07.0750 3524 MsMpSvc - ok
17:22:07.0765 3524 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:22:07.0765 3524 MSPCLOCK - ok
17:22:07.0781 3524 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
17:22:07.0781 3524 MSPQM - ok
17:22:07.0796 3524 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:22:07.0796 3524 mssmbios - ok
17:22:07.0828 3524 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
17:22:07.0828 3524 MSTEE - ok
17:22:07.0875 3524 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
17:22:07.0875 3524 MTsensor - ok
17:22:07.0906 3524 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
17:22:07.0906 3524 Mup - ok
17:22:07.0921 3524 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
17:22:07.0921 3524 NABTSFEC - ok
17:22:07.0937 3524 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
17:22:07.0937 3524 napagent - ok
17:22:07.0968 3524 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
17:22:07.0968 3524 NDIS - ok
17:22:07.0968 3524 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
17:22:07.0968 3524 NdisIP - ok
17:22:08.0000 3524 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:22:08.0000 3524 NdisTapi - ok
17:22:08.0046 3524 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:22:08.0046 3524 Ndisuio - ok
17:22:08.0062 3524 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:22:08.0062 3524 NdisWan - ok
17:22:08.0078 3524 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
17:22:08.0078 3524 NDProxy - ok
17:22:08.0093 3524 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
17:22:08.0093 3524 NetBIOS - ok
17:22:08.0125 3524 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
17:22:08.0125 3524 NetBT - ok
17:22:08.0140 3524 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
17:22:08.0140 3524 NetDDE - ok
17:22:08.0156 3524 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
17:22:08.0156 3524 NetDDEdsdm - ok
17:22:08.0171 3524 Netlogon (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
17:22:08.0171 3524 Netlogon - ok
17:22:08.0187 3524 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
17:22:08.0187 3524 Netman - ok
17:22:08.0531 3524 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:22:08.0531 3524 NetTcpPortSharing - ok
17:22:08.0562 3524 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
17:22:08.0562 3524 NIC1394 - ok
17:22:08.0609 3524 Nla (39ee7c3bfbc64ba87cc8cf67386e814c) C:\WINDOWS\System32\mswsock.dll
17:22:08.0609 3524 Nla - ok
17:22:08.0640 3524 nm (1e421a6bcf2203cc61b821ada9de878b) C:\WINDOWS\system32\DRIVERS\NMnt.sys
17:22:08.0640 3524 nm - ok
17:22:08.0656 3524 nmwcd (c3963d85b721a7f80d8a55f4e2867a3a) C:\WINDOWS\system32\drivers\ccdcmb.sys
17:22:08.0656 3524 nmwcd - ok
17:22:08.0687 3524 nmwcdc (3859c69a77793180548802dac9f34a38) C:\WINDOWS\system32\drivers\ccdcmbo.sys
17:22:08.0687 3524 nmwcdc - ok
17:22:08.0718 3524 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
17:22:08.0718 3524 Npfs - ok
17:22:08.0750 3524 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
17:22:08.0750 3524 Ntfs - ok
17:22:08.0796 3524 NtLmSsp (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
17:22:08.0796 3524 NtLmSsp - ok
17:22:08.0812 3524 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
17:22:08.0828 3524 NtmsSvc - ok
17:22:08.0859 3524 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
17:22:08.0859 3524 Null - ok
17:22:09.0046 3524 nv (4f15e1e56703f59c0ac00022162e5308) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
17:22:09.0171 3524 nv - ok
17:22:09.0375 3524 nvsvc (383aa018830eb16965181c39cb0f3b73) C:\WINDOWS\system32\nvsvc32.exe
17:22:09.0375 3524 nvsvc - ok
17:22:09.0406 3524 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:22:09.0406 3524 NwlnkFlt - ok
17:22:09.0421 3524 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:22:09.0421 3524 NwlnkFwd - ok
17:22:09.0468 3524 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
17:22:09.0468 3524 ohci1394 - ok
17:22:09.0515 3524 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\drivers\Parport.sys
17:22:09.0515 3524 Parport - ok
17:22:09.0531 3524 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
17:22:09.0531 3524 PartMgr - ok
17:22:09.0562 3524 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
17:22:09.0562 3524 ParVdm - ok
17:22:09.0578 3524 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
17:22:09.0578 3524 pccsmcfd - ok
17:22:09.0609 3524 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
17:22:09.0609 3524 PCI - ok
17:22:09.0625 3524 PCIDump - ok
17:22:09.0640 3524 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
17:22:09.0640 3524 PCIIde - ok
17:22:09.0671 3524 PCLEPCI (1bebe7de8508a02650cdce45c664c2a2) C:\WINDOWS\system32\drivers\pclepci.sys
17:22:09.0671 3524 PCLEPCI - ok
17:22:09.0703 3524 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
17:22:09.0703 3524 Pcmcia - ok
17:22:09.0718 3524 PDCOMP - ok
17:22:09.0734 3524 PDFRAME - ok
17:22:09.0750 3524 PDRELI - ok
17:22:09.0765 3524 PDRFRAME - ok
17:22:09.0781 3524 perc2 - ok
17:22:09.0796 3524 perc2hib - ok
17:22:09.0859 3524 PinnacleRoyalTS (48b06eca2c2f036eb3912d816ee5941b) C:\WINDOWS\system32\DRIVERS\RoyalTS.sys
17:22:09.0859 3524 PinnacleRoyalTS - ok
17:22:09.0890 3524 PLCND532 (cf5aa091b8ba5aee3f3adb310b9f73cb) C:\WINDOWS\system32\Drivers\PLCND532.sys
17:22:09.0890 3524 PLCND532 - ok
17:22:09.0921 3524 PlugPlay (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
17:22:09.0921 3524 PlugPlay - ok
17:22:09.0937 3524 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
17:22:09.0937 3524 PolicyAgent - ok
17:22:09.0984 3524 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:22:09.0984 3524 PptpMiniport - ok
17:22:09.0984 3524 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
17:22:09.0984 3524 ProtectedStorage - ok
17:22:10.0000 3524 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
17:22:10.0000 3524 PSched - ok
17:22:10.0031 3524 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:22:10.0031 3524 Ptilink - ok
17:22:10.0046 3524 ql1080 - ok
17:22:10.0062 3524 Ql10wnt - ok
17:22:10.0078 3524 ql12160 - ok
17:22:10.0093 3524 ql1240 - ok
17:22:10.0109 3524 ql1280 - ok
17:22:10.0156 3524 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:22:10.0156 3524 RasAcd - ok
17:22:10.0156 3524 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
17:22:10.0156 3524 RasAuto - ok
17:22:10.0203 3524 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:22:10.0203 3524 Rasl2tp - ok
17:22:10.0218 3524 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
17:22:10.0218 3524 RasMan - ok
17:22:10.0234 3524 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:22:10.0234 3524 RasPppoe - ok
17:22:10.0250 3524 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
17:22:10.0250 3524 Raspti - ok
17:22:10.0281 3524 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:22:10.0281 3524 Rdbss - ok
17:22:10.0296 3524 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:22:10.0296 3524 RDPCDD - ok
17:22:10.0359 3524 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
17:22:10.0359 3524 RDPWD - ok
17:22:10.0390 3524 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
17:22:10.0406 3524 RDSessMgr - ok
17:22:10.0406 3524 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
17:22:10.0406 3524 redbook - ok
17:22:10.0421 3524 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
17:22:10.0421 3524 RemoteAccess - ok
17:22:10.0437 3524 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\WINDOWS\system32\locator.exe
17:22:10.0437 3524 RpcLocator - ok
17:22:10.0484 3524 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\System32\rpcss.dll
17:22:10.0500 3524 RpcSs - ok
17:22:10.0515 3524 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\system32\rsvp.exe
17:22:10.0515 3524 RSVP - ok
17:22:10.0546 3524 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
17:22:10.0546 3524 SamSs - ok
17:22:10.0562 3524 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
17:22:10.0562 3524 SCardSvr - ok
17:22:10.0609 3524 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
17:22:10.0609 3524 Schedule - ok
17:22:10.0625 3524 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:22:10.0625 3524 Secdrv - ok
17:22:10.0640 3524 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
17:22:10.0656 3524 seclogon - ok
17:22:10.0656 3524 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
17:22:10.0656 3524 SENS - ok
17:22:10.0671 3524 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
17:22:10.0671 3524 serenum - ok
17:22:10.0687 3524 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
17:22:10.0687 3524 Serial - ok
17:22:10.0812 3524 ServiceLayer (d0d2ff6132db177a5192891a8cc9578c) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
17:22:10.0828 3524 ServiceLayer - ok
17:22:10.0875 3524 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
17:22:10.0875 3524 Sfloppy - ok
17:22:10.0921 3524 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
17:22:10.0937 3524 SharedAccess - ok
17:22:10.0953 3524 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
17:22:10.0953 3524 ShellHWDetection - ok
17:22:10.0953 3524 Simbad - ok
17:22:11.0015 3524 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
17:22:14.0062 3524 ============================================================
17:22:14.0062 3524 Scan finished
17:22:14.0062 3524 ============================================================
17:22:14.0078 3388 Detected object count: 0
17:22:14.0078 3388 Actual detected object count: 0
17:21:56.0328 3124 ============================================================
17:21:56.0328 3124 Current date / time: 2012/06/17 17:21:56.0328
17:21:56.0328 3124 SystemInfo:
17:21:56.0328 3124
17:21:56.0328 3124 OS Version: 5.1.2600 ServicePack: 3.0
17:21:56.0328 3124 Product type: Workstation
17:21:56.0328 3124 ComputerName: U-CFC2265D51644
17:21:56.0343 3124 UserName: Uživatel
17:21:56.0343 3124 Windows directory: C:\WINDOWS
17:21:56.0343 3124 System windows directory: C:\WINDOWS
17:21:56.0343 3124 Processor architecture: Intel x86
17:21:56.0343 3124 Number of processors: 2
17:21:56.0343 3124 Page size: 0x1000
17:21:56.0343 3124 Boot type: Safe boot with network
17:21:56.0343 3124 ============================================================
17:21:57.0687 3124 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:21:57.0687 3124 ============================================================
17:21:57.0687 3124 \Device\Harddisk0\DR0:
17:21:57.0687 3124 MBR partitions:
17:21:57.0687 3124 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
17:21:57.0687 3124 ============================================================
17:21:57.0734 3124 C: <-> \Device\Harddisk0\DR0\Partition0
17:21:57.0734 3124 ============================================================
17:21:57.0734 3124 Initialize success
17:21:57.0734 3124 ============================================================
17:22:00.0312 3524 ============================================================
17:22:00.0312 3524 Scan started
17:22:00.0312 3524 Mode: Manual;
17:22:00.0312 3524 ============================================================
17:22:10.0437 3524 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\WINDOWS\system32\locator.exe
17:22:10.0437 3524 RpcLocator - ok
17:22:10.0484 3524 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\System32\rpcss.dll
17:22:10.0500 3524 RpcSs - ok
17:22:10.0515 3524 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\system32\rsvp.exe
17:22:10.0515 3524 RSVP - ok
17:22:10.0546 3524 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
17:22:10.0546 3524 SamSs - ok
17:22:10.0562 3524 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
17:22:10.0562 3524 SCardSvr - ok
17:22:10.0609 3524 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
17:22:10.0609 3524 Schedule - ok
17:22:10.0625 3524 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:22:10.0625 3524 Secdrv - ok
17:22:10.0640 3524 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
17:22:10.0656 3524 seclogon - ok
17:22:10.0656 3524 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
17:22:10.0656 3524 SENS - ok
17:22:10.0671 3524 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
17:22:10.0671 3524 serenum - ok
17:22:10.0687 3524 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
17:22:10.0687 3524 Serial - ok
17:22:10.0812 3524 ServiceLayer (d0d2ff6132db177a5192891a8cc9578c) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
17:22:10.0828 3524 ServiceLayer - ok
17:22:10.0875 3524 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
17:22:10.0875 3524 Sfloppy - ok
17:22:10.0921 3524 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
17:22:10.0937 3524 SharedAccess - ok
17:22:10.0953 3524 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
17:22:10.0953 3524 ShellHWDetection - ok
17:22:10.0953 3524 Simbad - ok
17:22:11.0015 3524 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
17:22:11.0015 3524 SLIP - ok
17:22:11.0031 3524 Sparrow - ok
17:22:11.0078 3524 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
17:22:11.0078 3524 splitter - ok
17:22:11.0109 3524 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
17:22:11.0125 3524 Spooler - ok
17:22:11.0156 3524 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
17:22:11.0156 3524 sr - ok
17:22:11.0171 3524 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\system32\srsvc.dll
17:22:11.0171 3524 srservice - ok
17:22:11.0203 3524 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
17:22:11.0218 3524 Srv - ok
17:22:11.0250 3524 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
17:22:11.0250 3524 SSDPSRV - ok
17:22:11.0296 3524 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
17:22:11.0296 3524 stisvc - ok
17:22:11.0312 3524 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
17:22:11.0312 3524 streamip - ok
17:22:11.0359 3524 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
17:22:11.0359 3524 swenum - ok
17:22:11.0468 3524 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
17:22:11.0468 3524 SwitchBoard - ok
17:22:11.0515 3524 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
17:22:11.0515 3524 swmidi - ok
17:22:11.0531 3524 SwPrv - ok
17:22:11.0546 3524 symc810 - ok
17:22:11.0546 3524 symc8xx - ok
17:22:11.0562 3524 sym_hi - ok
17:22:11.0578 3524 sym_u3 - ok
17:22:11.0609 3524 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
17:22:11.0609 3524 sysaudio - ok
17:22:11.0656 3524 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
17:22:11.0656 3524 SysmonLog - ok
17:22:11.0671 3524 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
17:22:11.0687 3524 TapiSrv - ok
17:22:11.0718 3524 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:22:11.0718 3524 Tcpip - ok
17:22:11.0750 3524 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
17:22:11.0750 3524 TDPIPE - ok
17:22:11.0765 3524 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
17:22:11.0765 3524 TDTCP - ok
17:22:11.0781 3524 tdx - ok
17:22:11.0812 3524 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
17:22:11.0812 3524 TermDD - ok
17:22:11.0843 3524 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
17:22:11.0843 3524 TermService - ok
17:22:11.0875 3524 Themes (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
17:22:11.0875 3524 Themes - ok
17:22:12.0000 3524 TomTomHOMEService (efef22b9577e5051057fde1ae381b50c) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
17:22:12.0000 3524 TomTomHOMEService - ok
17:22:12.0015 3524 TosIde - ok
17:22:12.0046 3524 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
17:22:12.0046 3524 TrkWks - ok
17:22:12.0109 3524 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
17:22:12.0109 3524 Udfs - ok
17:22:12.0109 3524 ultra - ok
17:22:12.0140 3524 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
17:22:12.0140 3524 Update - ok
17:22:12.0171 3524 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
17:22:12.0171 3524 upnphost - ok
17:22:12.0187 3524 upperdev (0ccadc7391021376edbb8aa649d04e68) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
17:22:12.0187 3524 upperdev - ok
17:22:12.0203 3524 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
17:22:12.0203 3524 UPS - ok
17:22:12.0250 3524 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:22:12.0250 3524 usbccgp - ok
17:22:12.0296 3524 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:22:12.0296 3524 usbehci - ok
17:22:12.0312 3524 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:22:12.0312 3524 usbhub - ok
17:22:12.0328 3524 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:22:12.0328 3524 usbprint - ok
17:22:12.0328 3524 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:22:12.0343 3524 usbscan - ok
17:22:12.0375 3524 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
17:22:12.0375 3524 usbser - ok
17:22:12.0390 3524 UsbserFilt (68b4f83cccf70a2ff32ee142c234332a) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
17:22:12.0390 3524 UsbserFilt - ok
17:22:12.0421 3524 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:22:12.0421 3524 usbstor - ok
17:22:12.0437 3524 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:22:12.0437 3524 usbuhci - ok
17:22:12.0484 3524 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
17:22:12.0484 3524 VgaSave - ok
17:22:12.0500 3524 ViaIde - ok
17:22:12.0515 3524 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
17:22:12.0515 3524 VolSnap - ok
17:22:12.0578 3524 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
17:22:12.0578 3524 VSS - ok
17:22:12.0593 3524 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\system32\w32time.dll
17:22:12.0609 3524 W32Time - ok
17:22:12.0625 3524 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:22:12.0625 3524 Wanarp - ok
17:22:12.0656 3524 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
17:22:12.0671 3524 Wdf01000 - ok
17:22:12.0671 3524 WDICA - ok
17:22:12.0718 3524 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
17:22:12.0718 3524 wdmaud - ok
17:22:12.0734 3524 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
17:22:12.0734 3524 WebClient - ok
17:22:12.0750 3524 WinDefend - ok
17:22:12.0781 3524 WinHttpAutoProxySvc - ok
17:22:12.0875 3524 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
17:22:12.0875 3524 winmgmt - ok
17:22:12.0937 3524 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
17:22:12.0937 3524 WmdmPmSN - ok
17:22:12.0968 3524 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:22:12.0968 3524 WmiApSrv - ok
17:22:13.0015 3524 WMPNetworkSvc (3739866d20abd42f26a7b85f9e2560af) C:\Program Files\Windows Media Player\WMPNetwk.exe
17:22:13.0031 3524 WMPNetworkSvc - ok
17:22:13.0046 3524 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
17:22:13.0046 3524 WpdUsb - ok
17:22:13.0437 3524 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:22:13.0437 3524 WPFFontCache_v0400 - ok
17:22:13.0468 3524 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
17:22:13.0468 3524 WS2IFSL - ok
17:22:13.0500 3524 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
17:22:13.0500 3524 wscsvc - ok
17:22:13.0546 3524 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
17:22:13.0546 3524 WSTCODEC - ok
17:22:13.0593 3524 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
17:22:13.0593 3524 wuauserv - ok
17:22:13.0625 3524 WudfPf (6ff66513d372d479ef1810223c8d20ce) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:22:13.0625 3524 WudfPf - ok
17:22:13.0640 3524 WudfRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:22:13.0640 3524 WudfRd - ok
17:22:13.0687 3524 WudfSvc (575a4190d989f64732119e4114045a4f) C:\WINDOWS\System32\WUDFSvc.dll
17:22:13.0687 3524 WudfSvc - ok
17:22:13.0703 3524 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
17:22:13.0718 3524 WZCSVC - ok
17:22:13.0734 3524 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
17:22:13.0734 3524 xmlprov - ok
17:22:13.0796 3524 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
17:22:14.0046 3524 \Device\Harddisk0\DR0 - ok
17:22:14.0046 3524 Boot (0x1200) (0267cb2fb055317cdd0a0fe775de5a2a) \Device\Harddisk0\DR0\Partition0
17:22:14.0062 3524 \Device\Harddisk0\DR0\Partition0 - ok
17:22:14.0062 3524 ============================================================
17:22:14.0062 3524 Scan finished
17:22:14.0062 3524 ============================================================
17:22:14.0078 3388 Detected object count: 0
17:22:14.0078 3388 Actual detected object count: 0
Re: Please check my log and advise
Download Dial-a-fix
Click the hammer - more options:
SFC scan - Runs the System File Checker tool (the Windows installation media may be needed).
Click the service and then GO.
And as for this: when I click the hammer, I have to choose between Flushes, Reinstalls, Repairs and Resets, so I don't know which option you meant.