Please check my log and advise [Solved]

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

jaro3
member of the Security team

Re: Please check my log and advise

Post by jaro3 » 17 Jun 2012 19:00

SFC scan: you'll find it in the window, use the scrollbar. Select it and then hit GO!
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. In my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum

Anonym19
newcomer

Re: Please check my log and advise

Post by Anonym19 » 17 Jun 2012 21:17

In the end I gave up on the SFC scan and restored the system from last week, but when I had it checked by Malwarebytes Anti-Malware, it found:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.61.0.1400
www.malwarebytes.org

Verze databáze: v2012.06.17.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Uživatel :: U-CFC2265D51644 [administrátor]

Ochrana: Zakázána

17.6.2012 20:14:20
mbam-log-2012-06-17 (20-14-20).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 221888
Uplynulý čas: 8 minut, 6 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run|NVIDIA driver monitor (Backdoor.Agent) -> Data: C:\WINDOWS\nvsvc32.exe -> Umístnění do karantény a smazání se zdařilo.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\RECYCLER\S-1-5-21-299502267-1979792683-1801674531-1004\Dc7734.exe (Malware.Packer.Gen) -> Umístnění do karantény a smazání se zdařilo.

(konec)

and I'd like to ask how come savedump.exe only started reporting an error some time (I don't know how long) after that backdoor.agent had been there?


Re: Please check my log and advise

Post by jaro3 » 17 Jun 2012 23:35

http://www.processlibrary.com/directory ... ump/25700/

What do you mean, restored from last week? That ruins everything again... The infections are back. I wrote SFC, which overwrites (fills in) the Windows files. You were not supposed to do a restore.

Download TDSSKiller

to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You'll find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt , please paste the entire contents of the log here.

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by clicking Yes
- Then follow the instructions; while ComboFix is running, do not click in the window it displays
- After the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in safe mode.

Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
Anonym19

Re: Please check my log and advise

Post by Anonym19 » 18 Jun 2012 16:34

16:26:35.0953 1544 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
16:26:36.0171 1544 ============================================================
16:26:36.0171 1544 Current date / time: 2012/06/18 16:26:36.0171
16:26:36.0171 1544 SystemInfo:
16:26:36.0171 1544
16:26:36.0171 1544 OS Version: 5.1.2600 ServicePack: 3.0
16:26:36.0171 1544 Product type: Workstation
16:26:36.0171 1544 ComputerName: U-CFC2265D51644
16:26:36.0171 1544 UserName: Uživatel
16:26:36.0171 1544 Windows directory: C:\WINDOWS
16:26:36.0171 1544 System windows directory: C:\WINDOWS
16:26:36.0171 1544 Processor architecture: Intel x86
16:26:36.0171 1544 Number of processors: 2
16:26:36.0171 1544 Page size: 0x1000
16:26:36.0171 1544 Boot type: Normal boot
16:26:36.0171 1544 ============================================================
16:26:38.0562 1544 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:26:38.0578 1544 ============================================================
16:26:38.0578 1544 \Device\Harddisk0\DR0:
16:26:38.0578 1544 MBR partitions:
16:26:38.0578 1544 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
16:26:38.0578 1544 ============================================================
16:26:38.0671 1544 C: <-> \Device\Harddisk0\DR0\Partition0
16:26:38.0671 1544 ============================================================
16:26:38.0671 1544 Initialize success
16:26:38.0671 1544 ============================================================
16:26:40.0062 0768 ============================================================
16:26:40.0062 0768 Scan started
16:26:40.0062 0768 Mode: Manual;
16:26:40.0062 0768 ============================================================
16:26:51.0421 0768 Sfloppy - ok
16:26:51.0437 0768 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
16:26:51.0437 0768 SharedAccess - ok
16:26:51.0453 0768 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
16:26:51.0453 0768 ShellHWDetection - ok
16:26:51.0453 0768 Simbad - ok
16:26:51.0500 0768 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
16:26:51.0515 0768 SLIP - ok
16:26:51.0515 0768 Sparrow - ok
16:26:51.0562 0768 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
16:26:51.0562 0768 splitter - ok
16:26:51.0593 0768 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
16:26:51.0593 0768 Spooler - ok
16:26:51.0640 0768 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
16:26:51.0656 0768 sr - ok
16:26:51.0671 0768 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\system32\srsvc.dll
16:26:51.0671 0768 srservice - ok
16:26:51.0718 0768 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
16:26:51.0718 0768 Srv - ok
16:26:51.0750 0768 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
16:26:51.0750 0768 SSDPSRV - ok
16:26:51.0796 0768 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
16:26:51.0796 0768 stisvc - ok
16:26:51.0812 0768 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
16:26:51.0812 0768 streamip - ok
16:26:51.0859 0768 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
16:26:51.0875 0768 swenum - ok
16:26:51.0984 0768 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
16:26:52.0031 0768 SwitchBoard - ok
16:26:52.0093 0768 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
16:26:52.0109 0768 swmidi - ok
16:26:52.0109 0768 SwPrv - ok
16:26:52.0109 0768 symc810 - ok
16:26:52.0125 0768 symc8xx - ok
16:26:52.0125 0768 sym_hi - ok
16:26:52.0125 0768 sym_u3 - ok
16:26:52.0140 0768 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
16:26:52.0156 0768 sysaudio - ok
16:26:52.0203 0768 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
16:26:52.0250 0768 SysmonLog - ok
16:26:52.0281 0768 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
16:26:52.0281 0768 TapiSrv - ok
16:26:52.0343 0768 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:26:52.0343 0768 Tcpip - ok
16:26:52.0375 0768 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
16:26:52.0390 0768 TDPIPE - ok
16:26:52.0390 0768 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
16:26:52.0406 0768 TDTCP - ok
16:26:52.0437 0768 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
16:26:52.0453 0768 TermDD - ok
16:26:52.0468 0768 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
16:26:52.0468 0768 TermService - ok
16:26:52.0515 0768 Themes (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
16:26:52.0515 0768 Themes - ok
16:26:52.0625 0768 TomTomHOMEService (efef22b9577e5051057fde1ae381b50c) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
16:26:52.0625 0768 TomTomHOMEService - ok
16:26:52.0640 0768 TosIde - ok
16:26:52.0687 0768 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
16:26:52.0687 0768 TrkWks - ok
16:26:52.0718 0768 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
16:26:52.0750 0768 Udfs - ok
16:26:52.0750 0768 ultra - ok
16:26:52.0796 0768 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
16:26:52.0812 0768 Update - ok
16:26:52.0859 0768 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
16:26:52.0859 0768 upnphost - ok
16:26:52.0906 0768 upperdev (0ccadc7391021376edbb8aa649d04e68) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
16:26:52.0906 0768 upperdev - ok
16:26:52.0921 0768 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
16:26:52.0953 0768 UPS - ok
16:26:53.0000 0768 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:26:53.0015 0768 usbccgp - ok
16:26:53.0062 0768 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:26:53.0078 0768 usbehci - ok
16:26:53.0078 0768 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:26:53.0109 0768 usbhub - ok
16:26:53.0109 0768 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
16:26:53.0125 0768 usbprint - ok
16:26:53.0125 0768 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:26:53.0140 0768 usbscan - ok
16:26:53.0203 0768 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
16:26:53.0218 0768 usbser - ok
16:26:53.0234 0768 UsbserFilt (68b4f83cccf70a2ff32ee142c234332a) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
16:26:53.0234 0768 UsbserFilt - ok
16:26:53.0265 0768 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:26:53.0281 0768 usbstor - ok
16:26:53.0296 0768 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
16:26:53.0296 0768 usbuhci - ok
16:26:53.0359 0768 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
16:26:53.0359 0768 VgaSave - ok
16:26:53.0359 0768 ViaIde - ok
16:26:53.0375 0768 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
16:26:53.0406 0768 VolSnap - ok
16:26:53.0406 0768 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
16:26:53.0453 0768 VSS - ok
16:26:53.0484 0768 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\system32\w32time.dll
16:26:53.0500 0768 W32Time - ok
16:26:53.0500 0768 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:26:53.0515 0768 Wanarp - ok
16:26:53.0562 0768 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
16:26:53.0578 0768 Wdf01000 - ok
16:26:53.0578 0768 WDICA - ok
16:26:53.0625 0768 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
16:26:53.0656 0768 wdmaud - ok
16:26:53.0671 0768 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
16:26:53.0671 0768 WebClient - ok
16:26:53.0765 0768 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
16:26:53.0765 0768 winmgmt - ok
16:26:53.0812 0768 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
16:26:53.0828 0768 WmdmPmSN - ok
16:26:53.0875 0768 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\system32\wbem\wmiapsrv.exe
16:26:53.0875 0768 WmiApSrv - ok
16:26:54.0015 0768 WMPNetworkSvc (3739866d20abd42f26a7b85f9e2560af) C:\Program Files\Windows Media Player\WMPNetwk.exe
16:26:54.0171 0768 WMPNetworkSvc - ok
16:26:54.0203 0768 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
16:26:54.0218 0768 WpdUsb - ok
16:26:54.0375 0768 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:26:54.0421 0768 WPFFontCache_v0400 - ok
16:26:54.0468 0768 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
16:26:54.0468 0768 wscsvc - ok
16:26:54.0515 0768 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
16:26:54.0531 0768 WSTCODEC - ok
16:26:54.0578 0768 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
16:26:54.0578 0768 wuauserv - ok
16:26:54.0625 0768 WudfPf (6ff66513d372d479ef1810223c8d20ce) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
16:26:54.0640 0768 WudfPf - ok
16:26:54.0687 0768 WudfRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
16:26:54.0718 0768 WudfRd - ok
16:26:54.0781 0768 WudfSvc (575a4190d989f64732119e4114045a4f) C:\WINDOWS\System32\WUDFSvc.dll
16:26:54.0843 0768 WudfSvc - ok
16:26:54.0890 0768 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
16:26:54.0906 0768 WZCSVC - ok
16:26:54.0906 0768 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
16:26:54.0937 0768 xmlprov - ok
16:26:54.0968 0768 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
16:26:55.0250 0768 \Device\Harddisk0\DR0 - ok
16:26:55.0250 0768 Boot (0x1200) (0267cb2fb055317cdd0a0fe775de5a2a) \Device\Harddisk0\DR0\Partition0
16:26:55.0250 0768 \Device\Harddisk0\DR0\Partition0 - ok
16:26:55.0250 0768 ============================================================
16:26:55.0250 0768 Scan finished
16:26:55.0250 0768 ============================================================
16:26:55.0265 3116 Detected object count: 0
16:26:55.0265 3116 Actual detected object count: 0
16:27:29.0921 3264 Deinitialize success

Anonym19

Re: Please check my log and advise

Post by Anonym19 » 18 Jun 2012 17:06

ComboFix 12-06-16.02 - Uživatel 18.06.2012 16:51:08.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3327.2540 [GMT 2:00]
Spuštěný z: c:\documents and settings\Uživatel\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
C:\RECYCLER(2)
c:\recycler(2)\S-1-5-21-299502267-1979792683-1801674531-1004(2)\INFO2
c:\recycler(2)\S-1-5-21-299502267-1979792683-1801674531-500\Dc2.zip
c:\recycler(2)\S-1-5-21-299502267-1979792683-1801674531-500\Dc3.zip
c:\recycler(2)\S-1-5-21-299502267-1979792683-1801674531-500\Dc4.txt
c:\recycler(2)\S-1-5-21-299502267-1979792683-1801674531-500\Dc5.txt
c:\recycler(2)\S-1-5-21-299502267-1979792683-1801674531-500\Dc7.txt
c:\recycler(2)\S-1-5-21-299502267-1979792683-1801674531-500\Dc8.dat
c:\recycler(2)\S-1-5-21-299502267-1979792683-1801674531-500\INFO2
c:\windows\attach.log
c:\windows\IsUn0405.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\WINXP
c:\windows\system32\WINXP\msgclose.exe
c:\windows\XSxS
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-05-18 do 2012-06-18 )))))))))))))))))))))))))))))))
.
.
2012-06-14 17:04 . 2012-06-14 17:04 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Malwarebytes
2012-06-14 17:04 . 2012-06-17 18:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-06-14 13:48 . 2012-05-11 14:44 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2012-06-08 20:08 . 2012-06-08 20:08 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll
2012-06-08 20:08 . 2012-06-08 20:08 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll
2012-06-08 15:08 . 2012-06-17 16:32 -------- d-----w- c:\documents and settings\All Users\Data aplikac
2012-06-08 15:02 . 2012-06-08 15:02 -------- d-----w- c:\program files\SmartSound Software
2012-06-08 15:01 . 2004-07-02 14:28 84992 ----a-w- c:\windows\system32\ATL70.DLL
2012-06-08 14:59 . 2005-02-09 09:59 14165 ----a-w- c:\windows\system32\drivers\Pclepci.sys
2012-06-08 14:59 . 2004-02-24 10:04 41219 ----a-w- c:\windows\RSETPATH.exe
2012-06-08 14:56 . 2005-03-21 17:04 729088 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2012-06-08 14:56 . 2003-11-10 16:13 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2012-06-08 14:56 . 2003-11-10 16:12 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2012-06-08 14:56 . 2003-11-10 16:12 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2012-06-08 14:56 . 2003-11-10 16:11 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2012-06-08 14:56 . 2012-06-08 14:56 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2012-06-08 14:56 . 2012-06-08 14:56 188548 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2012-06-08 14:43 . 2012-06-08 14:43 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Publish Providers
2012-06-08 14:40 . 2012-06-08 14:40 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\Sony
2012-06-08 14:35 . 2012-06-08 14:35 -------- d-----w- c:\program files\Sony
2012-06-08 14:34 . 2012-06-08 14:43 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Sony
2012-06-06 16:12 . 2012-06-06 16:12 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Unigraphics Solutions
2012-06-06 16:09 . 2012-06-06 16:09 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\Femap
2012-06-06 16:04 . 2012-06-06 16:13 -------- d-----w- c:\program files\Solid Edge ST4
2012-06-06 16:01 . 2012-06-06 16:01 -------- d-----w- c:\program files\Microsoft.NET
2012-05-29 16:41 . 2012-05-29 16:41 -------- d-----w- c:\program files\Common Files\Java
2012-05-29 16:40 . 2012-05-29 16:40 143872 ----a-w- c:\windows\system32javacpl.cpl
2012-05-27 17:43 . 2012-05-27 17:43 -------- d-----w- c:\program files\Lame For Audacity
2012-05-21 18:39 . 2012-05-21 18:39 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Design Science
2012-05-21 18:39 . 2012-05-21 18:39 -------- d-----w- c:\program files\MathType
2012-05-21 18:05 . 2012-05-21 18:05 -------- d-----w- c:\program files\Rapid-Pi
2012-05-21 13:42 . 2012-05-21 13:42 -------- d-----w- C:\angličtina
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-17 19:40 . 2012-04-02 14:10 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-17 19:40 . 2011-05-15 11:22 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-31 13:22 . 2008-04-14 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2012-05-16 15:09 . 2008-04-14 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 13:55 . 2008-04-14 12:00 1863168 ----a-w- c:\windows\system32\win32k.sys
2012-05-11 14:44 . 2008-04-14 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2012-05-11 14:44 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-05-11 11:38 . 2008-04-14 12:00 385024 ------w- c:\windows\system32\html.iec
2012-05-05 03:14 . 2008-04-14 12:00 2150400 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-05 03:14 . 2008-04-14 08:06 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46 . 2002-01-01 20:24 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-04 16:47 . 2011-01-18 18:18 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-04-04 16:47 . 2012-01-27 17:43 772504 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-04-04 16:47 . 2011-01-18 18:18 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-20 18:44 . 2012-03-20 18:44 171064 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-06-08 20:08 . 2011-03-28 15:02 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2007-09-04 95536]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-03-12 39408]
"Skype"="c:\1_hry\Phone\Skype.exe" [2010-03-09 26100520]
"RemoTerm.exe"="c:\program files\Common Files\PCTV Systems\RemoTerm\RemoTerm.exe" [BU]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2011-04-22 247728]
"PMCRemote"="c:\program files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe" [2008-11-18 226576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GEST"="=" [X]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-08-12 1657376]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-17 13877248]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-08-17 86016]
"RTHDCPL"="RTHDCPL.EXE" [2009-05-21 17881600]
"bcmwltry"="bcmwltry.exe" [2003-07-25 462848]
"removecpl"="RemoveCpl.exe" [BU]
"Six Engine"="c:\program files\ASUS\EPU-6 Engine\SixEngine.exe" [2009-06-26 6036992]
"Nokia FastStart"="c:\program files\Nokia\Nokia Music\NokiaMusic.exe" [2009-02-26 2376992]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2007-09-04 54576]
"WheelMouse"="c:\program files\A4Tech\Mouse\Amoumain.exe" [2007-05-15 204800]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-01-03 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"PinnacleDriverCheck"="c:\windows\system32\\PSDrvCheck.exe" [2004-03-10 406016]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
AutoCAD Startup Accelerator.lnk - c:\program files\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000]
Belkin 802.11g Wireless PCI Card Configuration Utility.lnk - c:\program files\Belkin\Belkin 802.11g Wireless PCI Card Configuration Utility\utility.exe [2009-10-3 327765]
Belkin Wireless G Desktop Card Client Utility.lnk - c:\program files\Belkin\F5D7000v7032\Belkinwcui.exe [2009-10-3 1560576]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [2000-1-21 65588]
Pinnacle Streaming Server.lnk - c:\program files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe [2008-3-25 603408]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\1_hry\\FlatOut Ultimate Carnage\\Fouc.exe"=
"c:\\1_hry\\Plugin Manager\\skypePM.exe"=
"c:\\1_hry\\ICQ7.0\\ICQ.exe"=
"c:\\1_hry\\ICQ7.0\\aolload.exe"=
"c:\\1_sta~eno\\11tor\\uTorrent.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\1_hry\\Phone\\Skype.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"=
.
R2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [10.4.2009 18:29 294912]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [12.3.2010 17:21 246520]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [17.6.2012 20:13 654408]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [22.4.2011 14:21 92592]
R3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\progra~1\Belkin\BELKIN~1.11G\DNINDIS5.SYS [3.10.2009 13:59 17149]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [17.6.2012 20:13 22344]
R3 PinnacleRoyalTS;Pinnacle Systems RoyalTS Device;c:\windows\system32\drivers\RoyalTS.sys [17.11.2011 18:48 123520]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [4.10.2009 14:34 90112]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12.3.2010 15:11 135664]
S3 3xHybrid;Pinnacle PCTV 100i-110i-300i-310i-MCE;c:\windows\system32\drivers\3xHybrid.sys [4.10.2009 13:59 1121536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2.4.2012 16:10 257224]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [3.10.2009 12:52 1684736]
S3 azvusb;Virtual USB Hub;c:\windows\system32\drivers\azvusb.sys [24.8.2009 10:14 44544]
S3 Belkin700F;Belkin Wireless G Desktop Card Service v7;c:\windows\system32\drivers\BLKWGDv7.sys [3.10.2009 14:01 303616]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [12.3.2010 15:11 135664]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [25.4.2012 21:22 113120]
S3 PLCND532;PLCND532 NDIS Protocol Driver;c:\windows\system32\drivers\PLCND532.sys [14.12.2007 10:26 26656]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 14:37 517096]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 71094982
*Deregistered* - 71094982
.
Obsah adresáře 'Naplánované úlohy'
.
2012-06-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 19:40]
.
2012-01-07 c:\windows\Tasks\AdobeAAMUpdater-1.0-U-CFC2265D51644-Uživatel.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2012-01-03 20:07]
.
2012-06-18 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]
.
2012-06-18 c:\windows\Tasks\MpIdleTask.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
TCP: Interfaces\{E0015BB1-ADED-4CA6-BC07-EF371D11BD29}: NameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\v7w8g95r.default\
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-06-18 16:56
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2012-06-18 16:58:05
ComboFix-quarantined-files.txt 2012-06-18 14:57
ComboFix2.txt 2012-06-14 20:01
.
Před spuštěním: Volných bajtů: 213 852 831 744
Po spuštění: Volných bajtů: 213 905 809 408
.
- - End Of File - - B83470C13FC39E7EA76D9849F5C26B4F

jaro3

Re: Please check my log and advise

Post by jaro3 » 19 Jun 2012 00:28

ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall

Clean the system with CCleaner
and also use T-Cleaner;
it deletes everything left behind by ComboFix, MWAV, etc. Download it > run it.

Note: before downloading T-Cleaner and for the duration of the cleaning, deactivate your antivirus and antispyware; afterwards delete T-Cleaner and turn your antivirus and antispyware back on.


How does it look now?

Anonym19

Re: Please check my log and advise

Post by Anonym19 » 19 Jun 2012 19:18

So far I have uninstalled ComboFix and downloaded CCleaner, but it seems to me that it wants to delete rather a lot, so for now I have only deleted the things related to the browsers, and I don't know what all would get deleted for the other programs. Why does it want to delete so many log files??
And when I looked at the registry, there was rather a lot in there (and that didn't seem right to me).
Attachments
ccleanermoc.jpg

Žbeky
Moderator
Guru Level 13
Posts: 22288
Registered: May 08
Location: Vsetín - Pardubice
Gender: Male
Status: Offline

Re: Please check my log and advise

Post by Žbeky » 19 Jun 2012 20:51

Run the registry repair, allow the backup and fix everything.
In private messages I deal only with matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.

HiJackThis + guide - HW Monitor - How to mark a post as solved - Forum rules

Anonym19

Re: Please check my log and advise

Post by Anonym19 » 20 Jun 2012 20:01

The cleaning went through and it looks like it could be OK.

Žbeky

Re: Please check my log and advise

Post by Žbeky » 20 Jun 2012 20:46

So if there are no problems, you can mark it as solved.

Anonym19

Re: Please check my log and advise

Post by Anonym19 » 23 Jun 2012 13:14

So I have a problem: the desktop loads without trouble, but after that NOTHING can be done on it, not even after 10 minutes. Usually a restart was enough, but today it did not start up at all.
So I restored the system to yesterday's date and it is just as slow,
and my internet connection has started to fluctuate.

jaro3

Re: Please check my log and advise

Post by jaro3 » 23 Jun 2012 15:17

Download Memtest:

In the field, enter the largest size of your individual RAM module (256, 512 or 1024, 2048), click Start, and let it run for at least 2 hours; if it still shows 0 errors after 2 hours, the modules are fine.


The HDD needs to be checked for errors; try defragmenting it.


Download CrystalDiskInfo.
Run the program and click Edit > Copy. Then paste the log contents here with Ctrl+V.


Or:
http://www.slunecnice.cz/sw/hiren-s-boot-cd/stahnout/
Download Hiren's Boot CD and burn it to a CD.
Burn the .iso file to a CD with this program:
http://www.slunecnice.cz/sw/active-iso-burner/

http://www.hirensbootcd.org/download/
Boot from this CD.
It contains programs for testing the PC; use it to check the disks, RAM, etc.