prosím o kontrolu logu

joboj · Příspěvekod **joboj** » 04 črc 2012 08:08

Prosím o kontrolu logu. Když chci spustit jakoukoliv hru či aplikaci, píše PC:"není platná aplikace typu win32", nebo se sekne např. Opera a nejde znovu spustit "pro dokončení není dostatek prostředků". PC jede chvíli normálně, po nějaké době se ale začne sekat a psát zmíněné hlášky. Po restartu vše opět nějakou dobu běží a pak nanovo. Děkuju za radu.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:08:06, on 4.7.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17110)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
C:\Program Files\Gigabyte\EnergySaver2\des2svr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Microsoft\BingBar\7.1.382.0\SeaPort.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\CyberLink\PowerDVD11\PDVD11Serv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\GIGABYTE\Smart6\Timelock\AlarmClock.exe
C:\Documents and Settings\milan\Plocha\HiJackThis.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alawarhry.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alawarhry.cz
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.382.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\7.1.382.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [BCU] "C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [RemoteControl11] C:\Program Files\CyberLink\PowerDVD11\PDVD11Serv.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [LaunchList] C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1960408961-1229272821-725345543-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1E0E085F-C92F-49E0-B9A9-6FF5D96EC4C8}: NameServer = 212.111.0.10
O17 - HKLM\System\CS1\Services\Tcpip\..\{1E0E085F-C92F-49E0-B9A9-6FF5D96EC4C8}: NameServer = 212.111.0.10
O17 - HKLM\System\CS2\Services\Tcpip\..\{1E0E085F-C92F-49E0-B9A9-6FF5D96EC4C8}: NameServer = 212.111.0.10
O17 - HKLM\System\CS3\Services\Tcpip\..\{1E0E085F-C92F-49E0-B9A9-6FF5D96EC4C8}: NameServer = 212.111.0.10
O17 - HKLM\System\CS4\Services\Tcpip\..\{1E0E085F-C92F-49E0-B9A9-6FF5D96EC4C8}: NameServer = 212.111.0.10
O17 - HKLM\System\CS5\Services\Tcpip\..\{1E0E085F-C92F-49E0-B9A9-6FF5D96EC4C8}: NameServer = 212.111.0.10
O17 - HKLM\System\CS6\Services\Tcpip\..\{1E0E085F-C92F-49E0-B9A9-6FF5D96EC4C8}: NameServer = 212.111.0.10
O17 - HKLM\System\CS7\Services\Tcpip\..\{1E0E085F-C92F-49E0-B9A9-6FF5D96EC4C8}: NameServer = 212.111.0.10
O17 - HKLM\System\CS8\Services\Tcpip\..\{1E0E085F-C92F-49E0-B9A9-6FF5D96EC4C8}: NameServer = 212.111.0.10
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
O23 - Service: DES2 Service for Energy Saving. (DES2 Service) - Unknown owner - C:\Program Files\Gigabyte\EnergySaver2\des2svr.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\WINDOWS\system32\drivers\pclepci.sys
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

--
End of file - 11827 bytes

Reklama

Příspěvekod **memphisto** » 04 črc 2012 08:13

Odinstaluj Bing Bar

v logu fixni:
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.382.0\BingExt.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\7.1.382.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab

tyhle IP znáš?
212.111.0.10

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.

joboj · Příspěvekod **joboj** » 04 črc 2012 08:49

Provedl jsem uvedené kroky. IP adresu nepoznávám (moje není).

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Verze databáze: v2012.07.04.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
milan :: DOMA [administrátor]

4.7.2012 8:36:31
mbam-log-2012-07-04 (08-36-31).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 241689
Uplynulý čas: 7 minut, 22 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

joboj · Příspěvekod **joboj** » 04 črc 2012 08:51

ATF Cleaner mi napsal: No files were removed.

joboj · Příspěvekod **joboj** » 04 črc 2012 09:48

Zatím vše funguje bez problémů, ale uvidím, jestli to nezačne zase zlobit. Vždy to nějakou dobu fungovalo normálně. Pokud nebudou dnes žádné problémy, bude to zřejmě OK.

Co ta IP adresa? Co to může znamenat?

Příspěvekod **memphisto** » 04 črc 2012 09:53

Ta IP je v pořádku. Je od providera. Máš Internext?

joboj · Příspěvekod **joboj** » 04 črc 2012 10:01

Poskytovatelem internetu je NapaNet. Je tedy možné, že je to IP poskytovatele?

Příspěvekod **jaro3** » 04 črc 2012 10:29

Stáhni si TDSSKiller

Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Máš dost volného místa na disku?

joboj · Příspěvekod **joboj** » 04 črc 2012 10:44

10:40:48.0046 3140 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
10:40:48.0156 3140 ============================================================
10:40:48.0156 3140 Current date / time: 2012/07/04 10:40:48.0156
10:40:48.0156 3140 SystemInfo:
10:40:48.0156 3140
10:40:48.0156 3140 OS Version: 5.1.2600 ServicePack: 3.0
10:40:48.0156 3140 Product type: Workstation
10:40:48.0156 3140 ComputerName: DOMA
10:40:48.0156 3140 UserName: milan
10:40:48.0156 3140 Windows directory: C:\WINDOWS
10:40:48.0156 3140 System windows directory: C:\WINDOWS
10:40:48.0156 3140 Processor architecture: Intel x86
10:40:48.0156 3140 Number of processors: 4
10:40:48.0156 3140 Page size: 0x1000
10:40:48.0156 3140 Boot type: Normal boot
10:40:48.0156 3140 ============================================================
10:40:50.0187 3140 Drive \Device\Harddisk0\DR0 - Size: 0x3A38A25E00 (232.88 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:40:50.0187 3140 ============================================================
10:40:50.0187 3140 \Device\Harddisk0\DR0:
10:40:50.0187 3140 MBR partitions:
10:40:50.0187 3140 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D
10:40:50.0203 3140 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xC34F30B, BlocksNum 0x7D008E0
10:40:50.0203 3140 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1404FC2A, BlocksNum 0x9170A96
10:40:50.0203 3140 ============================================================
10:40:50.0234 3140 C: <-> \Device\Harddisk0\DR0\Partition0
10:40:50.0265 3140 D: <-> \Device\Harddisk0\DR0\Partition1
10:40:50.0296 3140 E: <-> \Device\Harddisk0\DR0\Partition2
10:40:50.0296 3140 ============================================================
10:40:50.0296 3140 Initialize success
10:40:50.0296 3140 ============================================================
10:40:54.0640 3972 ============================================================
10:40:54.0640 3972 Scan started
10:40:54.0640 3972 Mode: Manual;
10:40:54.0640 3972 ============================================================
10:40:55.0578 3972 Aavmker4 (0b27ae82c113d3687024d18459440426) C:\WINDOWS\system32\drivers\Aavmker4.sys
10:40:55.0578 3972 Aavmker4 - ok
10:40:55.0578 3972 Abiosdsk - ok
10:40:55.0578 3972 abp480n5 - ok
10:40:55.0609 3972 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:40:55.0625 3972 ACPI - ok
10:40:55.0640 3972 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
10:40:55.0640 3972 ACPIEC - ok
10:40:55.0703 3972 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:40:55.0718 3972 AdobeFlashPlayerUpdateSvc - ok
10:40:55.0718 3972 adpu160m - ok
10:40:55.0734 3972 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
10:40:55.0750 3972 aec - ok
10:40:55.0781 3972 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
10:40:55.0781 3972 AFD - ok
10:40:55.0781 3972 Aha154x - ok
10:40:55.0781 3972 aic78u2 - ok
10:40:55.0781 3972 aic78xx - ok
10:40:55.0812 3972 ALG (88842de939a827577bf24243699ac80a) C:\WINDOWS\System32\alg.exe
10:40:55.0812 3972 ALG - ok
10:40:55.0828 3972 AliIde - ok
10:40:55.0968 3972 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
10:40:56.0000 3972 Ambfilt - ok
10:40:56.0062 3972 amsint - ok
10:40:56.0140 3972 Apple Mobile Device (2e3e53a6aef23e24f402c7855b9b1542) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:40:56.0140 3972 Apple Mobile Device - ok
10:40:56.0140 3972 AppMgmt - ok
10:40:56.0171 3972 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
10:40:56.0171 3972 Arp1394 - ok
10:40:56.0171 3972 asc - ok
10:40:56.0171 3972 asc3350p - ok
10:40:56.0171 3972 asc3550 - ok
10:40:56.0234 3972 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
10:40:56.0234 3972 aspnet_state - ok
10:40:56.0265 3972 aswFsBlk (1c1f3d6dddc046c920c493a779649f66) C:\WINDOWS\system32\drivers\aswFsBlk.sys
10:40:56.0265 3972 aswFsBlk - ok
10:40:56.0296 3972 aswKbd (81e695913fefd4e23360a69c0f151797) C:\WINDOWS\system32\drivers\aswKbd.sys
10:40:56.0296 3972 aswKbd - ok
10:40:56.0312 3972 aswMon2 (9e912fe7b41650701ef2b227aca440f3) C:\WINDOWS\system32\drivers\aswMon2.sys
10:40:56.0312 3972 aswMon2 - ok
10:40:56.0328 3972 aswRdr (982e275d1c5801042fe94209fb0160fb) C:\WINDOWS\system32\drivers\aswRdr.sys
10:40:56.0328 3972 aswRdr - ok
10:40:56.0390 3972 aswSnx (73dbcf808e00580f2a47f93dd9b03876) C:\WINDOWS\system32\drivers\aswSnx.sys
10:40:56.0406 3972 aswSnx - ok
10:40:56.0437 3972 aswSP (6cbd7d3a33f498d09c831cdd732da2e0) C:\WINDOWS\system32\drivers\aswSP.sys
10:40:56.0453 3972 aswSP - ok
10:40:56.0468 3972 aswTdi (7109a9aa551f37cd168c02368465957e) C:\WINDOWS\system32\drivers\aswTdi.sys
10:40:56.0468 3972 aswTdi - ok
10:40:56.0484 3972 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:40:56.0484 3972 AsyncMac - ok
10:40:56.0500 3972 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
10:40:56.0500 3972 atapi - ok
10:40:56.0500 3972 Atdisk - ok
10:40:56.0546 3972 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\WINDOWS\system32\DRIVERS\atksgt.sys
10:40:56.0546 3972 atksgt - ok
10:40:56.0578 3972 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
10:40:56.0578 3972 Atmarpc - ok
10:40:56.0593 3972 AudioSrv (de31b88962a8645dba5a37b993e7b0f1) C:\WINDOWS\System32\audiosrv.dll
10:40:56.0609 3972 AudioSrv - ok
10:40:56.0625 3972 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
10:40:56.0625 3972 audstub - ok
10:40:56.0703 3972 avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
10:40:56.0703 3972 avast! Antivirus - ok
10:40:56.0703 3972 avast! Firewall - ok
10:40:56.0734 3972 BCUService (f29d375926e36e3a56af4805c7749302) C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
10:40:56.0734 3972 BCUService - ok
10:40:56.0765 3972 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
10:40:56.0765 3972 Beep - ok
10:40:56.0812 3972 BITS (19395d092fd85ddc2d9c7729cf5a2ac8) C:\WINDOWS\system32\qmgr.dll
10:40:56.0828 3972 BITS - ok
10:40:56.0906 3972 Bonjour Service (5ab58c337ac65837fe404462ad6265ab) C:\Program Files\Bonjour\mDNSResponder.exe
10:40:56.0906 3972 Bonjour Service - ok
10:40:56.0937 3972 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
10:40:56.0937 3972 cbidf2k - ok
10:40:56.0937 3972 cd20xrnt - ok
10:40:56.0953 3972 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
10:40:56.0953 3972 Cdaudio - ok
10:40:56.0968 3972 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
10:40:56.0968 3972 Cdfs - ok
10:40:56.0984 3972 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:40:56.0984 3972 Cdrom - ok
10:40:56.0984 3972 Changer - ok
10:40:57.0000 3972 CiSvc (e390dc1d7c461d7d56ec53402f329928) C:\WINDOWS\system32\cisvc.exe
10:40:57.0015 3972 CiSvc - ok
10:40:57.0109 3972 CLHNServiceForPowerDVD (db26c2ba2ac0ab6be1cfa59f61ce22da) C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
10:40:57.0109 3972 CLHNServiceForPowerDVD - ok
10:40:57.0125 3972 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\WINDOWS\system32\clipsrv.exe
10:40:57.0125 3972 ClipSrv - ok
10:40:57.0171 3972 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:40:57.0171 3972 clr_optimization_v2.0.50727_32 - ok
10:40:57.0234 3972 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:40:57.0234 3972 clr_optimization_v4.0.30319_32 - ok
10:40:57.0234 3972 CmdIde - ok
10:40:57.0234 3972 COMSysApp - ok
10:40:57.0234 3972 Cpqarray - ok
10:40:57.0250 3972 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\WINDOWS\System32\cryptsvc.dll
10:40:57.0250 3972 CryptSvc - ok
10:40:57.0296 3972 CyberLink PowerDVD 11.0 Monitor Service (cb56d5f30199c35c37d9297b4d8cc3f7) C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
10:40:57.0296 3972 CyberLink PowerDVD 11.0 Monitor Service - ok
10:40:57.0328 3972 CyberLink PowerDVD 11.0 Service (6e65964f36e7e881a7c4533cd1f99e23) C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
10:40:57.0343 3972 CyberLink PowerDVD 11.0 Service - ok
10:40:57.0343 3972 dac2w2k - ok
10:40:57.0343 3972 dac960nt - ok
10:40:57.0406 3972 DcomLaunch (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
10:40:57.0406 3972 DcomLaunch - ok
10:40:57.0468 3972 DES2 Service (fdc0c5adde1cde6edb0bef78f0699af3) C:\Program Files\Gigabyte\EnergySaver2\des2svr.exe
10:40:57.0468 3972 DES2 Service - ok
10:40:57.0500 3972 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\WINDOWS\System32\dhcpcsvc.dll
10:40:57.0515 3972 Dhcp - ok
10:40:57.0515 3972 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
10:40:57.0515 3972 Disk - ok
10:40:57.0515 3972 dmadmin - ok
10:40:57.0593 3972 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
10:40:57.0609 3972 dmboot - ok
10:40:57.0625 3972 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
10:40:57.0625 3972 dmio - ok
10:40:57.0656 3972 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
10:40:57.0656 3972 dmload - ok
10:40:57.0687 3972 dmserver (2bfefe9e865655a76982f050450b9591) C:\WINDOWS\System32\dmserver.dll
10:40:57.0687 3972 dmserver - ok
10:40:57.0703 3972 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
10:40:57.0703 3972 DMusic - ok
10:40:57.0734 3972 Dnscache (dfaa406bf19f4ee806a6f8d4342137f7) C:\WINDOWS\System32\dnsrslvr.dll
10:40:57.0734 3972 Dnscache - ok
10:40:57.0765 3972 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\WINDOWS\System32\dot3svc.dll
10:40:57.0781 3972 Dot3svc - ok
10:40:57.0781 3972 dpti2o - ok
10:40:57.0796 3972 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
10:40:57.0796 3972 drmkaud - ok
10:40:57.0828 3972 DrvAgent32 (651554e483712b708ede864d0ca1aa73) C:\WINDOWS\system32\Drivers\DrvAgent32.sys
10:40:57.0828 3972 DrvAgent32 - ok
10:40:57.0843 3972 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\WINDOWS\System32\eapsvc.dll
10:40:57.0843 3972 EapHost - ok
10:40:57.0859 3972 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\WINDOWS\System32\ersvc.dll
10:40:57.0859 3972 ERSvc - ok
10:40:57.0890 3972 Eventlog (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
10:40:57.0890 3972 Eventlog - ok
10:40:57.0937 3972 EventSystem (a371f11ef07653591c8de26afb13ce7f) C:\WINDOWS\system32\es.dll
10:40:57.0953 3972 EventSystem - ok
10:40:57.0968 3972 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
10:40:57.0968 3972 Fastfat - ok
10:40:58.0015 3972 FastUserSwitchingCompatibility (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
10:40:58.0015 3972 FastUserSwitchingCompatibility - ok
10:40:58.0031 3972 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
10:40:58.0031 3972 Fdc - ok
10:40:58.0062 3972 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
10:40:58.0062 3972 Fips - ok
10:40:58.0078 3972 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
10:40:58.0078 3972 Flpydisk - ok
10:40:58.0109 3972 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
10:40:58.0109 3972 FltMgr - ok
10:40:58.0171 3972 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
10:40:58.0171 3972 FontCache3.0.0.0 - ok
10:40:58.0203 3972 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:40:58.0203 3972 Fs_Rec - ok
10:40:58.0218 3972 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:40:58.0218 3972 Ftdisk - ok
10:40:58.0234 3972 gdrv (d556cb79967e92b5cc69686d16c1d846) C:\WINDOWS\gdrv.sys
10:40:58.0437 3972 gdrv - ok
10:40:58.0453 3972 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
10:40:58.0453 3972 GEARAspiWDM - ok
10:40:58.0484 3972 giveio (77ebf3e9386daa51551af429052d88d0) C:\WINDOWS\system32\giveio.sys
10:40:58.0484 3972 giveio - ok
10:40:58.0515 3972 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:40:58.0515 3972 Gpc - ok
10:40:58.0609 3972 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
10:40:58.0609 3972 gupdate - ok
10:40:58.0609 3972 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
10:40:58.0609 3972 gupdatem - ok
10:40:58.0625 3972 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
10:40:58.0640 3972 HDAudBus - ok
10:40:58.0656 3972 HECI (a88485dc6a7136c10d9a6c7e38fdfe3c) C:\WINDOWS\system32\DRIVERS\HECI.sys
10:40:58.0656 3972 HECI - ok
10:40:58.0718 3972 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
10:40:58.0718 3972 helpsvc - ok
10:40:58.0750 3972 HidServ (00e25ee90166b3e1be6e74aebf858306) C:\WINDOWS\System32\hidserv.dll
10:40:58.0750 3972 HidServ - ok
10:40:58.0765 3972 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:40:58.0765 3972 hidusb - ok
10:40:58.0796 3972 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\WINDOWS\System32\kmsvc.dll
10:40:58.0796 3972 hkmsvc - ok
10:40:58.0796 3972 hpn - ok
10:40:58.0843 3972 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
10:40:58.0843 3972 HTTP - ok
10:40:58.0875 3972 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
10:40:58.0875 3972 HTTPFilter - ok
10:40:58.0875 3972 i2omgmt - ok
10:40:58.0875 3972 i2omp - ok
10:40:58.0906 3972 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
10:40:58.0906 3972 i8042prt - ok
10:40:58.0906 3972 ialm - ok
10:40:58.0968 3972 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
10:40:58.0968 3972 IDriverT - ok
10:40:59.0093 3972 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:40:59.0109 3972 idsvc - ok
10:40:59.0109 3972 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
10:40:59.0109 3972 Imapi - ok
10:40:59.0156 3972 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\system32\imapi.exe
10:40:59.0156 3972 ImapiService - ok
10:40:59.0156 3972 ini910u - ok
10:40:59.0625 3972 IntcAzAudAddService (1511286a30ac4f74f5e9aac182bbefbc) C:\WINDOWS\system32\drivers\RtkHDAud.sys
10:40:59.0765 3972 IntcAzAudAddService - ok
10:40:59.0890 3972 IntcDAud (f2bfc65dfbca35734accd03c10105f9e) C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
10:40:59.0890 3972 IntcDAud - ok
10:40:59.0890 3972 IntelIde - ok
10:40:59.0921 3972 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
10:40:59.0921 3972 intelppm - ok
10:40:59.0937 3972 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
10:40:59.0937 3972 Ip6Fw - ok
10:40:59.0968 3972 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:40:59.0968 3972 IpFilterDriver - ok
10:41:00.0000 3972 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:41:00.0000 3972 IpInIp - ok
10:41:00.0015 3972 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:41:00.0015 3972 IpNat - ok
10:41:00.0109 3972 iPod Service (630d74599070824af3dc63a894adcdfc) C:\Program Files\iPod\bin\iPodService.exe
10:41:00.0125 3972 iPod Service - ok
10:41:00.0140 3972 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:41:00.0140 3972 IPSec - ok
10:41:00.0156 3972 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
10:41:00.0156 3972 IRENUM - ok
10:41:00.0171 3972 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:41:00.0171 3972 isapnp - ok
10:41:00.0250 3972 JavaQuickStarterService (381b25dc8e958d905b33130d500bbf29) C:\Program Files\Java\jre6\bin\jqs.exe
10:41:00.0250 3972 JavaQuickStarterService - ok
10:41:00.0281 3972 JRAID (484836413c2348244c8008c962240c8d) C:\WINDOWS\system32\DRIVERS\jraid.sys
10:41:00.0296 3972 JRAID - ok
10:41:00.0328 3972 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:41:00.0328 3972 Kbdclass - ok
10:41:00.0359 3972 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
10:41:00.0359 3972 kbdhid - ok
10:41:00.0375 3972 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
10:41:00.0375 3972 kmixer - ok
10:41:00.0406 3972 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
10:41:00.0406 3972 KSecDD - ok
10:41:00.0437 3972 LanmanServer (3428e8f86f8add36b42fb23542c7b3e4) C:\WINDOWS\System32\srvsvc.dll
10:41:00.0453 3972 LanmanServer - ok
10:41:00.0453 3972 lbrtfdc - ok
10:41:00.0484 3972 LightScribeService (9696786759c4b43fa5c894747e893ea2) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
10:41:00.0484 3972 LightScribeService - ok
10:41:00.0515 3972 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\WINDOWS\system32\DRIVERS\lirsgt.sys
10:41:00.0515 3972 lirsgt - ok
10:41:00.0531 3972 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
10:41:00.0531 3972 LmHosts - ok
10:41:00.0609 3972 LMS (e38775922d4a4c05b5d96733ab4ce169) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:41:00.0609 3972 LMS - ok
10:41:00.0640 3972 MarvinBus (a3e700d78eec390f1208098cdca5c6b6) C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
10:41:00.0656 3972 MarvinBus - ok
10:41:00.0718 3972 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
10:41:00.0718 3972 Microsoft Office Groove Audit Service - ok
10:41:00.0750 3972 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
10:41:00.0750 3972 mnmdd - ok
10:41:00.0781 3972 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\system32\mnmsrvc.exe
10:41:00.0781 3972 mnmsrvc - ok
10:41:00.0812 3972 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
10:41:00.0812 3972 Modem - ok
10:41:00.0937 3972 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
10:41:00.0953 3972 Monfilt - ok
10:41:00.0968 3972 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:41:00.0968 3972 Mouclass - ok
10:41:01.0000 3972 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:41:01.0000 3972 mouhid - ok
10:41:01.0000 3972 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
10:41:01.0015 3972 MountMgr - ok
10:41:01.0015 3972 mraid35x - ok
10:41:01.0031 3972 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:41:01.0031 3972 MRxDAV - ok
10:41:01.0062 3972 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\system32\msdtc.exe
10:41:01.0078 3972 MSDTC - ok
10:41:01.0078 3972 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
10:41:01.0093 3972 Msfs - ok
10:41:01.0093 3972 MSIServer - ok
10:41:01.0093 3972 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:41:01.0109 3972 MSKSSRV - ok
10:41:01.0109 3972 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:41:01.0109 3972 MSPCLOCK - ok
10:41:01.0109 3972 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
10:41:01.0109 3972 MSPQM - ok
10:41:01.0125 3972 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:41:01.0125 3972 mssmbios - ok
10:41:01.0140 3972 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
10:41:01.0140 3972 Mup - ok
10:41:01.0187 3972 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
10:41:01.0187 3972 napagent - ok
10:41:01.0203 3972 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
10:41:01.0203 3972 NDIS - ok
10:41:01.0234 3972 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:41:01.0234 3972 NdisTapi - ok
10:41:01.0250 3972 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:41:01.0250 3972 Ndisuio - ok
10:41:01.0250 3972 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:41:01.0265 3972 NdisWan - ok
10:41:01.0281 3972 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
10:41:01.0296 3972 NDProxy - ok
10:41:01.0312 3972 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
10:41:01.0312 3972 NetBT - ok
10:41:01.0359 3972 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
10:41:01.0359 3972 NetDDE - ok
10:41:01.0359 3972 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
10:41:01.0359 3972 NetDDEdsdm - ok
10:41:01.0390 3972 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
10:41:01.0406 3972 Netman - ok
10:41:01.0453 3972 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:41:01.0453 3972 NetTcpPortSharing - ok
10:41:01.0468 3972 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
10:41:01.0468 3972 NIC1394 - ok
10:41:01.0515 3972 Nla (39ee7c3bfbc64ba87cc8cf67386e814c) C:\WINDOWS\System32\mswsock.dll
10:41:01.0515 3972 Nla - ok
10:41:01.0562 3972 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
10:41:01.0562 3972 Npfs - ok
10:41:01.0609 3972 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
10:41:01.0625 3972 Ntfs - ok
10:41:01.0718 3972 ntk_PowerDVD (170ee229d4def31dbe95348c9a88fe74) C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys
10:41:01.0718 3972 ntk_PowerDVD - ok
10:41:01.0781 3972 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
10:41:01.0781 3972 NtmsSvc - ok
10:41:01.0796 3972 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
10:41:01.0796 3972 Null - ok
10:41:01.0828 3972 nusb3hub (e079302fc304cc3f8d444d770c1275d9) C:\WINDOWS\system32\DRIVERS\nusb3hub.sys
10:41:01.0828 3972 nusb3hub - ok
10:41:02.0250 3972 nusb3xhc (456f7262604f85746919823f592b303c) C:\WINDOWS\system32\DRIVERS\nusb3xhc.sys
10:41:02.0281 3972 nusb3xhc - ok
10:41:03.0390 3972 nv (4b54dcd6adee535df80f07c59ddd8f14) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
10:41:03.0640 3972 nv - ok
10:41:03.0750 3972 NVSvc (0573c75a2895d973ea6ef2495620ba49) C:\WINDOWS\system32\nvsvc32.exe
10:41:03.0765 3972 NVSvc - ok
10:41:04.0000 3972 nvUpdatusService (9c84945feee40ea42d3bca5c22250d47) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
10:41:04.0031 3972 nvUpdatusService - ok
10:41:04.0140 3972 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:41:04.0140 3972 NwlnkFlt - ok
10:41:04.0140 3972 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:41:04.0140 3972 NwlnkFwd - ok
10:41:04.0250 3972 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:41:04.0265 3972 odserv - ok
10:41:04.0281 3972 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
10:41:04.0281 3972 ohci1394 - ok
10:41:04.0328 3972 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:41:04.0328 3972 ose - ok
10:41:04.0343 3972 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\drivers\Parport.sys
10:41:04.0343 3972 Parport - ok
10:41:04.0359 3972 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
10:41:04.0359 3972 PartMgr - ok
10:41:04.0375 3972 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
10:41:04.0375 3972 ParVdm - ok
10:41:04.0390 3972 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
10:41:04.0390 3972 PCI - ok
10:41:04.0390 3972 PCIDump - ok
10:41:04.0421 3972 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
10:41:04.0421 3972 PCIIde - ok
10:41:04.0453 3972 PCLEPCI (1bebe7de8508a02650cdce45c664c2a2) C:\WINDOWS\system32\drivers\pclepci.sys
10:41:04.0453 3972 PCLEPCI - ok
10:41:04.0468 3972 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
10:41:04.0468 3972 Pcmcia - ok
10:41:04.0468 3972 PDCOMP - ok
10:41:04.0484 3972 PDFRAME - ok
10:41:04.0484 3972 PDRELI - ok
10:41:04.0484 3972 PDRFRAME - ok
10:41:04.0484 3972 perc2 - ok
10:41:04.0484 3972 perc2hib - ok
10:41:04.0515 3972 PlugPlay (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
10:41:04.0515 3972 PlugPlay - ok
10:41:04.0546 3972 PnkBstrA (831883b107684301f48ace752c963984) C:\WINDOWS\system32\PnkBstrA.exe
10:41:04.0546 3972 PnkBstrA - ok
10:41:04.0562 3972 PnkBstrB (e24106a5eaecddff00b25497049dd65f) C:\WINDOWS\system32\PnkBstrB.exe
10:41:04.0578 3972 PnkBstrB - ok
10:41:04.0593 3972 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
10:41:04.0609 3972 PolicyAgent - ok
10:41:04.0625 3972 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:41:04.0640 3972 PptpMiniport - ok
10:41:04.0640 3972 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
10:41:04.0640 3972 ProtectedStorage - ok
10:41:04.0640 3972 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
10:41:04.0640 3972 PSched - ok
10:41:04.0671 3972 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:41:04.0671 3972 Ptilink - ok
10:41:04.0687 3972 ql1080 - ok
10:41:04.0687 3972 Ql10wnt - ok
10:41:04.0687 3972 ql12160 - ok
10:41:04.0687 3972 ql1240 - ok
10:41:04.0687 3972 ql1280 - ok
10:41:04.0703 3972 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:41:04.0703 3972 RasAcd - ok
10:41:04.0734 3972 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
10:41:04.0750 3972 RasAuto - ok
10:41:04.0750 3972 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:41:04.0750 3972 Rasl2tp - ok
10:41:04.0796 3972 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
10:41:04.0796 3972 RasMan - ok
10:41:04.0796 3972 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:41:04.0812 3972 RasPppoe - ok
10:41:04.0812 3972 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
10:41:04.0812 3972 Raspti - ok
10:41:04.0812 3972 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:41:04.0812 3972 RDPCDD - ok
10:41:04.0859 3972 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
10:41:04.0859 3972 RDPWD - ok
10:41:04.0890 3972 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
10:41:04.0890 3972 RDSessMgr - ok
10:41:04.0921 3972 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
10:41:04.0921 3972 redbook - ok
10:41:04.0953 3972 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
10:41:04.0968 3972 RemoteAccess - ok
10:41:05.0015 3972 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\System32\rpcss.dll
10:41:05.0031 3972 RpcSs - ok
10:41:05.0078 3972 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\system32\rsvp.exe
10:41:05.0078 3972 RSVP - ok
10:41:05.0109 3972 RTLE8023xp (cb9310a5a910648d359c99a857e22a54) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
10:41:05.0109 3972 RTLE8023xp - ok
10:41:05.0140 3972 s115bus (e1ab463b36a7ef31d8a73a97a9b57afa) C:\WINDOWS\system32\DRIVERS\s115bus.sys
10:41:05.0156 3972 s115bus - ok
10:41:05.0156 3972 s115mdfl (e24113fc13b8737c94cf4e3415488c76) C:\WINDOWS\system32\DRIVERS\s115mdfl.sys
10:41:05.0156 3972 s115mdfl - ok
10:41:05.0171 3972 s115mdm (4029e49e7c673aa0670bd206b0af1b5b) C:\WINDOWS\system32\DRIVERS\s115mdm.sys
10:41:05.0187 3972 s115mdm - ok
10:41:05.0203 3972 s115mgmt (eb02ab4ca8bccecfde236cad8fc6e135) C:\WINDOWS\system32\DRIVERS\s115mgmt.sys
10:41:05.0203 3972 s115mgmt - ok
10:41:05.0218 3972 s115obex (089869db9ffd2ac807fa87fe82ac7761) C:\WINDOWS\system32\DRIVERS\s115obex.sys
10:41:05.0218 3972 s115obex - ok
10:41:05.0265 3972 s117bus (1f561844318914e7eb6e54673a4cc54c) C:\WINDOWS\system32\DRIVERS\s117bus.sys
10:41:05.0265 3972 s117bus - ok
10:41:05.0281 3972 s117mdfl (ba93eec3cdf6a63b77ae66221aa4f902) C:\WINDOWS\system32\DRIVERS\s117mdfl.sys
10:41:05.0281 3972 s117mdfl - ok
10:41:05.0312 3972 s117mdm (cba12fd8a8ee5b5cdfbbae2381cd6703) C:\WINDOWS\system32\DRIVERS\s117mdm.sys
10:41:05.0312 3972 s117mdm - ok
10:41:05.0328 3972 s117mgmt (bd6483e64b1da17e812b34bcdefd9459) C:\WINDOWS\system32\DRIVERS\s117mgmt.sys
10:41:05.0328 3972 s117mgmt - ok
10:41:05.0343 3972 s117nd5 (c7ca36c3054b4cd47a1f6611b046e2f9) C:\WINDOWS\system32\DRIVERS\s117nd5.sys
10:41:05.0343 3972 s117nd5 - ok
10:41:05.0375 3972 s117obex (e290b3a6b58fb72ca97dd48d64e4fc1c) C:\WINDOWS\system32\DRIVERS\s117obex.sys
10:41:05.0375 3972 s117obex - ok
10:41:05.0390 3972 s117unic (5c4d1ba23c7511ac880e8ba7baa80dba) C:\WINDOWS\system32\DRIVERS\s117unic.sys
10:41:05.0390 3972 s117unic - ok
10:41:05.0406 3972 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
10:41:05.0406 3972 SamSs - ok
10:41:05.0453 3972 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
10:41:05.0453 3972 SCardSvr - ok
10:41:05.0500 3972 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
10:41:05.0500 3972 Schedule - ok
10:41:05.0531 3972 se3ebus (44d64485af20abe0868d06b7407ee61a) C:\WINDOWS\system32\DRIVERS\se3ebus.sys
10:41:05.0531 3972 se3ebus - ok
10:41:05.0562 3972 se3emdfl (a783b5f532b7cc59df4ee06cc1d44c48) C:\WINDOWS\system32\DRIVERS\se3emdfl.sys
10:41:05.0562 3972 se3emdfl - ok
10:41:05.0578 3972 se3emdm (fb1f9f31f5e770dfaf3b33e5f9a7a330) C:\WINDOWS\system32\DRIVERS\se3emdm.sys
10:41:05.0578 3972 se3emdm - ok
10:41:05.0625 3972 se3emgmt (30dc2bb81a3bd2f902f85ed6768084d8) C:\WINDOWS\system32\DRIVERS\se3emgmt.sys
10:41:05.0625 3972 se3emgmt - ok
10:41:05.0625 3972 se3eobex (b940974aa602d43e63172179562f5d88) C:\WINDOWS\system32\DRIVERS\se3eobex.sys
10:41:05.0640 3972 se3eobex - ok
10:41:05.0656 3972 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:41:05.0656 3972 Secdrv - ok
10:41:05.0671 3972 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
10:41:05.0671 3972 seclogon - ok
10:41:05.0718 3972 seehcri (e5b56569a9f79b70314fede6c953641e) C:\WINDOWS\system32\DRIVERS\seehcri.sys
10:41:05.0718 3972 seehcri - ok
10:41:05.0734 3972 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
10:41:05.0734 3972 SENS - ok
10:41:05.0750 3972 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
10:41:05.0750 3972 serenum - ok
10:41:05.0750 3972 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
10:41:05.0765 3972 Serial - ok
10:41:05.0781 3972 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
10:41:05.0781 3972 Sfloppy - ok
10:41:05.0843 3972 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
10:41:05.0843 3972 SharedAccess - ok
10:41:05.0859 3972 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
10:41:05.0875 3972 ShellHWDetection - ok
10:41:05.0875 3972 Simbad - ok
10:41:06.0000 3972 Smart TimeLock (101556f6216e97f1258d87c38203695f) C:\Program Files\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
10:41:06.0000 3972 Smart TimeLock - ok
10:41:06.0015 3972 Sparrow - ok
10:41:06.0046 3972 speedfan (5d6401db90ec81b71f8e2c5c8f0fef23) C:\WINDOWS\system32\speedfan.sys
10:41:06.0046 3972 speedfan - ok
10:41:06.0078 3972 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
10:41:06.0078 3972 splitter - ok
10:41:06.0109 3972 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
10:41:06.0109 3972 Spooler - ok
10:41:06.0187 3972 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
10:41:06.0187 3972 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
10:41:06.0187 3972 sptd ( LockedFile.Multi.Generic ) - warning
10:41:06.0187 3972 sptd - detected LockedFile.Multi.Generic (1)
10:41:06.0203 3972 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
10:41:06.0203 3972 sr - ok
10:41:06.0234 3972 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\system32\srsvc.dll
10:41:06.0250 3972 srservice - ok
10:41:06.0281 3972 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
10:41:06.0296 3972 Srv - ok
10:41:06.0328 3972 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
10:41:06.0328 3972 SSDPSRV - ok
10:41:06.0359 3972 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
10:41:06.0359 3972 stisvc - ok
10:41:06.0390 3972 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
10:41:06.0406 3972 swenum - ok
10:41:06.0406 3972 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
10:41:06.0421 3972 swmidi - ok
10:41:06.0421 3972 SwPrv - ok
10:41:06.0421 3972 symc810 - ok
10:41:06.0421 3972 symc8xx - ok
10:41:06.0421 3972 sym_hi - ok
10:41:06.0437 3972 sym_u3 - ok
10:41:06.0453 3972 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
10:41:06.0453 3972 sysaudio - ok
10:41:06.0468 3972 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
10:41:06.0468 3972 SysmonLog - ok
10:41:06.0500 3972 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
10:41:06.0515 3972 TapiSrv - ok
10:41:06.0546 3972 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:41:06.0562 3972 Tcpip - ok
10:41:06.0578 3972 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
10:41:06.0578 3972 TDPIPE - ok
10:41:06.0578 3972 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
10:41:06.0593 3972 TDTCP - ok
10:41:06.0593 3972 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
10:41:06.0609 3972 TermDD - ok
10:41:06.0640 3972 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
10:41:06.0640 3972 TermService - ok
10:41:06.0671 3972 Themes (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
10:41:06.0671 3972 Themes - ok
10:41:06.0671 3972 TosIde - ok
10:41:06.0718 3972 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
10:41:06.0734 3972 TrkWks - ok
10:41:06.0812 3972 TUWinStylerThemeSvc (50908f3cf3cdfe669dc9b0e166fb1f9e) C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
10:41:06.0828 3972 TUWinStylerThemeSvc - ok
10:41:06.0843 3972 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
10:41:06.0843 3972 Udfs - ok
10:41:06.0843 3972 ultra - ok
10:41:07.0062 3972 UNS (02c298382359653bec4c737c2ab7f9c5) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
10:41:07.0093 3972 UNS - ok
10:41:07.0234 3972 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
10:41:07.0234 3972 Update - ok
10:41:07.0281 3972 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
10:41:07.0281 3972 upnphost - ok
10:41:07.0296 3972 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
10:41:07.0312 3972 UPS - ok
10:41:07.0343 3972 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:41:07.0343 3972 usbccgp - ok
10:41:07.0359 3972 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:41:07.0359 3972 usbehci - ok
10:41:07.0375 3972 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:41:07.0390 3972 usbhub - ok
10:41:07.0406 3972 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:41:07.0421 3972 usbprint - ok
10:41:07.0437 3972 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:41:07.0437 3972 usbscan - ok
10:41:07.0468 3972 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:41:07.0468 3972 USBSTOR - ok
10:41:07.0500 3972 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:41:07.0500 3972 usbuhci - ok
10:41:07.0515 3972 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
10:41:07.0515 3972 VgaSave - ok
10:41:07.0515 3972 ViaIde - ok
10:41:07.0531 3972 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
10:41:07.0531 3972 VolSnap - ok
10:41:07.0593 3972 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
10:41:07.0593 3972 VSS - ok
10:41:07.0625 3972 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\system32\w32time.dll
10:41:07.0640 3972 W32Time - ok
10:41:07.0640 3972 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:41:07.0640 3972 Wanarp - ok
10:41:07.0640 3972 WDICA - ok
10:41:07.0671 3972 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
10:41:07.0671 3972 wdmaud - ok
10:41:07.0687 3972 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
10:41:07.0687 3972 WebClient - ok
10:41:07.0734 3972 WIBUKEY (afcea7939925378f867dde6af76f3924) C:\WINDOWS\system32\DRIVERS\WibuKey.sys
10:41:07.0734 3972 WIBUKEY - ok
10:41:07.0796 3972 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
10:41:07.0796 3972 winmgmt - ok
10:41:07.0828 3972 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
10:41:07.0828 3972 WmdmPmSN - ok
10:41:07.0859 3972 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\system32\wbem\wmiapsrv.exe
10:41:07.0859 3972 WmiApSrv - ok
10:41:08.0015 3972 WMPNetworkSvc (3739866d20abd42f26a7b85f9e2560af) C:\Program Files\Windows Media Player\WMPNetwk.exe
10:41:08.0031 3972 WMPNetworkSvc - ok
10:41:08.0046 3972 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
10:41:08.0046 3972 WpdUsb - ok
10:41:08.0203 3972 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:41:08.0218 3972 WPFFontCache_v0400 - ok
10:41:08.0250 3972 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
10:41:08.0250 3972 wscsvc - ok
10:41:08.0265 3972 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
10:41:08.0265 3972 wuauserv - ok
10:41:08.0296 3972 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
10:41:08.0296 3972 WudfPf - ok
10:41:08.0312 3972 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
10:41:08.0312 3972 WudfRd - ok
10:41:08.0343 3972 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
10:41:08.0359 3972 WudfSvc - ok
10:41:08.0406 3972 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
10:41:08.0421 3972 WZCSVC - ok
10:41:08.0453 3972 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
10:41:08.0468 3972 xmlprov - ok
10:41:08.0562 3972 {329F96B6-DF1E-4328-BFDA-39EA953C1312} (3cb263cf60b253bead6e0205e1fa5669) C:\Program Files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl
10:41:08.0562 3972 {329F96B6-DF1E-4328-BFDA-39EA953C1312} - ok
10:41:08.0578 3972 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
10:41:08.0921 3972 \Device\Harddisk0\DR0 - ok
10:41:08.0921 3972 Boot (0x1200) (6a7a8639372fdbfdd4f2b5b05c089e5b) \Device\Harddisk0\DR0\Partition0
10:41:08.0921 3972 \Device\Harddisk0\DR0\Partition0 - ok
10:41:08.0953 3972 Boot (0x1200) (b4658c605adee10745b05ae0a843eca0) \Device\Harddisk0\DR0\Partition1
10:41:08.0953 3972 \Device\Harddisk0\DR0\Partition1 - ok
10:41:08.0984 3972 Boot (0x1200) (eef010135d039d2a980963b409ee5e16) \Device\Harddisk0\DR0\Partition2
10:41:08.0984 3972 \Device\Harddisk0\DR0\Partition2 - ok
10:41:08.0984 3972 ============================================================
10:41:08.0984 3972 Scan finished
10:41:08.0984 3972 ============================================================
10:41:08.0984 0504 Detected object count: 1
10:41:08.0984 0504 Actual detected object count: 1
10:41:22.0437 0504 sptd ( LockedFile.Multi.Generic ) - skipped by user
10:41:22.0437 0504 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
10:41:30.0781 0564 Deinitialize success

joboj · Příspěvekod **joboj** » 04 črc 2012 10:56

ComboFix 12-07-02.01 - milan 04.07.2012 10:48:56.5.4 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3579.2933 [GMT 2:00]
Spuštěný z: c:\documents and settings\milan\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Enabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Thumbs.db
c:\windows\system32\dllcache\dlimport.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-04 do 2012-07-04 )))))))))))))))))))))))))))))))
.
.
2012-07-04 06:35 . 2012-07-04 06:35 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-07-04 06:35 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-03 21:12 . 2012-07-03 21:12 -------- d-----w- C:\rsit
2012-07-03 09:19 . 2012-07-03 09:19 -------- d-----w- c:\windows\system32\wbem\Repository
2012-07-03 06:13 . 2012-07-03 06:13 -------- d-----w- c:\documents and settings\milan\Data aplikací\ElevatedDiagnostics
2012-06-19 05:57 . 2012-06-19 07:09 -------- d-----w- c:\documents and settings\milan\.jenny
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-04 08:41 . 2010-04-23 06:40 17488 ----a-w- c:\windows\gdrv.sys
2012-07-03 16:21 . 2010-04-22 21:09 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-07-03 16:21 . 2011-04-10 09:04 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-07-03 16:21 . 2010-04-22 21:09 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-07-03 16:21 . 2010-04-22 21:09 89624 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-07-03 16:21 . 2010-04-22 21:09 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-07-03 16:21 . 2010-04-22 21:09 353688 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-07-03 16:21 . 2010-04-22 21:09 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-07-03 16:21 . 2010-04-22 21:09 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-07-03 16:21 . 2010-07-01 13:13 41224 ----a-w- c:\windows\avastSS.scr
2012-07-03 16:21 . 2010-04-22 21:09 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-06-23 06:12 . 2012-04-01 05:01 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-23 06:12 . 2011-06-01 04:36 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-02 13:19 . 2009-08-06 17:24 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2009-08-06 17:24 22552 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2010-04-22 22:31 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2010-04-22 22:31 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2010-04-22 22:31 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2010-04-22 22:31 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2010-04-22 22:31 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2009-08-06 17:24 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2009-08-06 17:24 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2009-08-06 17:24 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2006-03-02 12:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2010-04-22 22:31 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2010-04-22 22:31 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 13:19 . 2010-04-22 23:06 17648 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 13:18 . 2011-05-02 06:37 214256 ----a-w- c:\windows\system32\muweb.dll
2012-06-02 13:18 . 2010-04-22 23:06 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-05-31 13:19 . 2006-03-02 12:00 602624 ----a-w- c:\windows\system32\crypt32.dll
2012-05-15 15:36 . 2006-03-02 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 13:55 . 2006-03-02 12:00 1863168 ----a-w- c:\windows\system32\win32k.sys
2012-05-05 03:14 . 2006-03-02 12:00 2150400 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-05 03:14 . 2004-08-17 15:45 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46 . 2010-04-22 22:29 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-23 14:39 . 2006-03-02 12:00 1830912 ------w- c:\windows\system32\inetcpl.cpl
2012-04-23 14:39 . 2006-03-02 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2012-04-23 14:39 . 2006-03-02 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchList"="c:\program files\Pinnacle\Studio 11\LaunchList2.exe" [2007-03-21 145496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCU"="c:\program files\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-08-04 346320]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2009-08-26 1970176]
"NUSB3MON"="c:\program files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-10-21 106496]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-10 689488]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-17 1848648]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-07-03 4273976]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-10-08 16744256]
"NvMediaCenter"="NvMCTray.dll" [2011-10-08 203072]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2011-10-08 1632360]
"RemoteControl11"="c:\program files\CyberLink\PowerDVD11\PDVD11Serv.exe" [2011-08-24 230696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
"ICQ"="c:\program files\ICQ7.1\ICQ.exe" silent loginmode=4
"Avast"=c:\program files\Alwil Software\Avast5\AvastUI.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"RTHDCPL"=RTHDCPL.EXE
"LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe"
"GBTUpd"=c:\program files\GIGABYTE\GBTUpd\PreRun.exe
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\ICQ7.1\\ICQ.exe"=
"c:\\Program Files\\ICQ7.1\\aolload.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Pinnacle\\Studio 11\\programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 11\\programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 11\\programs\\PMSRegisterFile.exe"=
"c:\\Program Files\\Pinnacle\\Studio 11\\programs\\umi.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\Ubisoft\\Related Designs\\ANNO 1404\\Anno4.exe"=
"c:\\Program Files\\Ubisoft\\Related Designs\\ANNO 1404\\tools\\Anno4Web.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"c:\\Program Files\\TriDef 3D\\TriDef\\TriDefMediaPlayer\\TriDefMediaPlayer.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD11\\PowerDVD11.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD11\\PDVD11Serv.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD11\\Common\\MediaServer\\CLMSServerForPDVD11.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Games\\World_of_Tanks\\WorldOfTanks.exe"=
"c:\\Program Files\\Opera\\pluginwrapper\\opera_plugin_wrapper.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [23.4.2010 9:13 691696]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [12.3.2012 11:35 24408]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [10.4.2011 11:04 721000]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [22.4.2010 23:09 353688]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/01/09 09:51];c:\program files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [1.9.2011 23:51 77296]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [22.4.2010 23:09 21256]
R2 BCUService;Browser Configuration Utility Service;c:\program files\DeviceVM\Browser Configuration Utility\BCUService.exe [23.4.2010 0:44 219360]
R2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [9.1.2012 10:49 83240]
R2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [9.1.2012 10:49 75048]
R2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [9.1.2012 10:49 292136]
R2 DES2 Service;DES2 Service for Energy Saving.;c:\program files\Gigabyte\EnergySaver2\des2svr.exe [23.4.2010 2:34 68136]
R2 ntk_PowerDVD;ntk_PowerDVD;c:\program files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys [9.1.2012 10:49 71664]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [31.12.2011 1:44 2253120]
R2 Smart TimeLock;Smart TimeLock Service;c:\program files\Gigabyte\smart6\timelock\TimeMgmtDaemon.exe [23.4.2010 2:39 114688]
R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [23.4.2010 2:20 2320920]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [26.10.2009 17:19 58240]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [26.10.2009 17:19 136704]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [7.6.2010 22:45 27632]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [24.12.2011 14:47 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [1.4.2012 7:01 250056]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [23.4.2010 2:20 1691480]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [3.5.2010 19:35 23456]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [24.12.2011 14:47 136176]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\drivers\IntcDAud.sys [23.4.2010 2:29 205824]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\drivers\s115bus.sys [23.7.2010 18:48 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\drivers\s115mdfl.sys [23.7.2010 18:48 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\drivers\s115mdm.sys [23.7.2010 18:48 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s115mgmt.sys [23.7.2010 18:48 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\drivers\s115obex.sys [23.7.2010 18:48 98568]
S3 se3ebus;Sony Ericsson Device 062 (WDM);c:\windows\system32\drivers\se3ebus.sys [7.6.2010 22:41 83080]
S3 se3emdfl;Sony Ericsson Device 062 USB WMC Modem Filter;c:\windows\system32\drivers\se3emdfl.sys [7.6.2010 22:41 15112]
S3 se3emdm;Sony Ericsson Device 062 USB WMC Modem Driver;c:\windows\system32\drivers\se3emdm.sys [7.6.2010 22:41 108552]
S3 se3emgmt;Sony Ericsson Device 062 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\se3emgmt.sys [7.6.2010 22:41 100360]
S3 se3eobex;Sony Ericsson Device 062 USB WMC OBEX Interface;c:\windows\system32\drivers\se3eobex.sys [7.6.2010 22:41 98568]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 06:12]
.
2012-07-04 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2012-06-30 16:21]
.
2012-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-24 12:46]
.
2012-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-24 12:46]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.alawarhry.cz
mStart Page = hxxp://www.alawarhry.cz
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
TCP: Interfaces\{1E0E085F-C92F-49E0-B9A9-6FF5D96EC4C8}: NameServer = 212.111.0.10
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-04 10:54
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
C:\avast! sandbox
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1960408961-1229272821-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:7a,ce,f6,87,7f,cb,8b,00,d0,f5,5e,ea,30,00,f7,e5,d3,67,d7,75,8e,
ec,02,b2,56,c8,a0,8e,c7,24,41,31,92,0b,d7,df,33,1d,6c,15,7c,3f,4e,25,f1,13,\
"rkeysecu"=hex:9c,15,a0,0e,c2,19,6d,59,0e,f7,d1,6f,41,35,cb,a5
.
Celkový čas: 2012-07-04 10:55:36
ComboFix-quarantined-files.txt 2012-07-04 08:55
.
Před spuštěním: Volných bajtů: 11 735 425 024
Po spuštění: Volných bajtů: 11 896 811 520
.
- - End Of File - - CF95ECF9589937004F29C5496C10BE6A

Příspěvekod **jaro3** » 04 črc 2012 16:03

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj antivir a antispyware ,následně T-Cleaner smaž a zapni si znovu antivir a antispyware.

Nemáš málo místa na disku? Máš mít aspoň 15% volného místa.

joboj · Příspěvekod **joboj** » 04 črc 2012 23:07

Provedl jsem všechno podle rad a vypadá to, že všechno funguje jak má. Popisované problémy se dosud neprojevily.

HDD mám rozdělený na 3 disky (C,D,E), systém je nainstalovaný na "C" a tam mám 16% volného místa. Disky "D" a "E" jsou téměř plné.
Už jsem měl HDD i více zaplněn a jediný problém, který se vyskytl byl ten, že nešel ani jeden disk defragmentovat.

Stačí mít tedy na disku s nainstalovaným OS 15% místa?

prosím o kontrolu logu Vyřešeno

prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Kdo je online