Please check my log: BSOD on my laptop now and then, completely at random (Solved)


Posted by bluu » 14 Jul 2012 13:54

A blue screen of death appears on my laptop completely at random. So I'm asking for the log to be checked and for help with cleaning up the PC. Thanks


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:54:08, on 14.7.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\System Control Manager\MGSysCtrl.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Documents and Settings\All Users\Data aplikací\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Games\Steam\steam.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Logitech\SetPoint II\SetpointII.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\System Control Manager\edd.exe
C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe
C:\Program Files\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\Microsoft Garage\Mouse without Borders\DDHelper.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Altap Salamander 2.5\salamand.exe
C:\Documents and Settings\majmo\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\majmo\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\majmo\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\majmo\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\majmo\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\majmo\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\majmo\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\majmo\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\majmo\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\majmo\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\majmo\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\majmo\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\majmo\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\majmo\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\majmo\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\majmo\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\majmo\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe" //mailurl:mailto:integ.micro@seznam.cz
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [B2C_AGENT] C:\Documents and Settings\All Users\Data aplikací\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Steam] "C:\Games\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [MSIDLL] rundll32.exe msiovq32.dll,logtOz
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\majmo\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: SetPointII.lnk = ?
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 11707 bytes


Posted by Žbeky » 14 Jul 2012 15:19

Fix:

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe" //mailurl:mailto:integ.micro@seznam.cz
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [MSIDLL] rundll32.exe msiovq32.dll,logtOz
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\majmo\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All found, then:
- If you use Firefox, click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
- If you use Chrome, don't select anything else and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from a web browser. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Provést rychlý sken) option selected and click the Scan (Skenovat) button
- when the program finishes, a message appears; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message appears, choose Ano (Yes)
(DO NOT DELETE ANYTHING YOURSELF YET!).
Then paste the contents of that log here.



Download and install WhoCrashed
Open it and click Analyze. The program will create a report; please copy all of it and paste it here.

Download CrystalDiskInfo
Run the program and click Úpravy-Kopírovat (Edit-Copy). Then paste the contents of the log here with Ctrl+V.

Download Memtest:
In the box, enter the largest size of a single one of your RAM modules (256, 512 or 1024, 2048), click Start, let it run for at least 2 h, and if it still shows 0 errors after 2 h, the modules are fine.
In private messages I only deal with matters concerning the forum. I do not respond to requests and pleas for technical support. Thanks for understanding.

HiJackThis + guide - HW Monitor - How to mark a post as solved - Forum rules


Posted by bluu » 14 Jul 2012 17:44

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.62.0.1300
www.malwarebytes.org

Verze databáze: v2012.07.14.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
majmo :: MSI [administrátor]

Ochrana: Povolena

14.7.2012 17:30:18
mbam-log-2012-07-14 (17-35-28).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 221952
Uplynulý čas: 4 minut, 58 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Documents and Settings\majmo\Local Settings\temp\KMP_3.3.0.33.exe (PUP.ToolbarDownloader) -> Žádná instrukce nebyla provedena.

(konec)



System Information (local)
--------------------------------------------------------------------------------

computer name: MSI
windows version: Windows XP Service Pack 3, 5.1, build: 2600
windows dir: C:\WINDOWS
CPU: GenuineIntel Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz Intel586, level: 6
2 logical processors, active mask: 3
RAM: 3220398080 total
VM: 2147352576, free: 2052214784



--------------------------------------------------------------------------------
Crash Dump Analysis
--------------------------------------------------------------------------------

Crash dump directory: C:\WINDOWS\Minidump

Crash dumps are enabled on your computer.


No valid crash dumps have been found on your computer


--------------------------------------------------------------------------------
Conclusion
--------------------------------------------------------------------------------

Crash dumps are enabled but no valid crash dumps have been found. It may be that there are problems which prevent crash dumps from being written out. Check out the following article for possible causes: If crash dumps are not written out.

In case your computer does experience sudden reboots it is likely these are caused by malfunctioning hardware, power failure or a thermal issue. To troubleshoot a thermal issue, check the temperature using your BIOS setup program, check for dust in CPU and motherboard fans and if your computer is portable make sure it's located on a hard surface. Otherwise it's suggested you contact the support department of the manufacturer of your system or test your system with a memory test utility for further investigation.

Check out the following articles for more information: Troubleshooting sudden resets and shut downs.

Read the topic general suggestions for troubleshooting system crashes for more information.

Note that it's not always possible to state with certainty whether a reported driver is actually responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.


----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Home Edition SP3 [5.1 Build 2600] (x86)
Date : 2012/07/14 17:44:25

-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH8M Ultra ATA Storage Controllers - 2850 [ATA]
+ Primární kanál IDE (0)
- HL-DT-ST DVDRAM GSA-T40N
+ Intel(R) ICH8M-E/M SATA AHCI Controller [ATA]
- WDC WD2500BEVT-22ZCT0
- O2Micro Integrated MMC/SD controller [SCSI]
- O2Micro Integrated MS/MSPRO/xD Controller [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD2500BEVT-22ZCT0 : 250,0 GB [0/1/0, pd1]

----------------------------------------------------------------------------
(1) WDC WD2500BEVT-22ZCT0
----------------------------------------------------------------------------
Model : WDC WD2500BEVT-22ZCT0
Firmware : 11.01A11
Serial Number : WD-WXE908FP3770
Disk Size : 250,0 GB (8,4/137,4/250,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 488397168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 13433 hod.
Power On Count : 3611 krát
Temparature : 42 C (107 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : 8080h [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000029 Počet chyb čtení
03 186 185 _21 00000000068B Čas na roztočení ploten
04 _97 _97 __0 000000000E3A Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 __0 000000000000 Počet chybných hledání
09 _82 _82 __0 000000003479 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _97 _97 __0 000000000E1B Počet cyklů zapnutí zařízení
C0 200 200 __0 0000000000BD Počet vypnutí disku
C1 164 164 __0 00000001A798 Počet cyklů načítání/vymazání
C2 105 _94 __0 00000000002A Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000001 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 _51 000000000000 Počet chyb při zápisu sektorů



Posted by Žbeky » 14 Jul 2012 18:21

The disk has a suspect sector and is slowly starting to fail, but it most likely isn't causing the BSOD

Run MbAM again and click Scan
- when the program finishes, a message appears; click OK and then the Show Results button
- make sure all listed findings are ticked and click the Remove Selected button
- when the removal finishes, a log is displayed; post it here.
- then choose OK in the program and close it via Exit

Do that memtest
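
The reading behind the reply above, as an added example that is not part of the original posts: Python code that parses the CrystalDiskInfo S.M.A.R.T. rows posted in this thread and reports non-zero sector counters and any normalized value at or below its threshold. The function names and attribute labels are this example's own; the ID meanings (05, C4, C5, C6) are the standard S.M.A.R.T. assignments.

```python
import re

# Rows copied from the CrystalDiskInfo S.M.A.R.T. table posted in this thread
# (columns: ID Cur Wor Thr RawValues; attribute names left out).
SMART_ROWS = """\
01 200 200 _51 000000000029
05 200 200 140 000000000000
C4 200 200 __0 000000000000
C5 200 200 __0 000000000001
C6 100 253 __0 000000000000
C7 200 200 __0 000000000000
"""

# Standard S.M.A.R.T. IDs whose raw value counts sectors or events; any
# non-zero count is worth watching. The labels are this example's wording.
SECTOR_ATTRS = {
    "05": "reallocated sectors",
    "C4": "reallocation events",
    "C5": "pending (suspect) sectors",
    "C6": "offline uncorrectable sectors",
}

# CrystalDiskInfo pads the decimal columns with "_" and prints the raw
# value as 12 hex digits; anything after that (the name) is ignored.
ROW = re.compile(
    r"^([0-9A-F]{2}) (_{0,2}\d{1,3}) (_{0,2}\d{1,3}) (_{0,2}\d{1,3}) "
    r"([0-9A-F]{12})(?:\s|$)"
)


def _num(field):
    """Convert a padded decimal column such as '_51' or '__0' to int."""
    return int(field.replace("_", ""))


def parse_smart(text):
    """Return one dict per S.M.A.R.T. row; lines that do not match are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue
        attr_id, cur, wor, thr, raw = m.groups()
        rows.append({
            "id": attr_id,
            "current": _num(cur),
            "worst": _num(wor),
            "threshold": _num(thr),
            "raw": int(raw, 16),
        })
    return rows


def sector_findings(rows):
    """Sector-health attributes whose raw counter is non-zero."""
    return [
        (r["id"], SECTOR_ATTRS[r["id"]], r["raw"])
        for r in rows
        if r["id"] in SECTOR_ATTRS and r["raw"] > 0
    ]


def threshold_failures(rows):
    """IDs whose normalized value is at or below a non-zero threshold."""
    return [
        r["id"] for r in rows
        if r["threshold"] > 0 and r["current"] <= r["threshold"]
    ]


if __name__ == "__main__":
    parsed = parse_smart(SMART_ROWS)
    for attr_id, label, count in sector_findings(parsed):
        print(f"{attr_id}: {count} {label}")
    print("threshold failures:", threshold_failures(parsed) or "none")
```

On the posted table this reports a single pending sector under C5 and no threshold failures, which is the state the reply describes: a disk to watch and back up, not one that has already failed its own limits.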


Posted by bluu » 14 Jul 2012 18:54

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.62.0.1300
www.malwarebytes.org

Verze databáze: v2012.07.14.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
majmo :: MSI [administrátor]

Ochrana: Zakázána

14.7.2012 18:48:35
mbam-log-2012-07-14 (18-48-35).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 222043
Uplynulý čas: 5 minut, 18 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Documents and Settings\majmo\Local Settings\temp\KMP_3.3.0.33.exe (PUP.ToolbarDownloader) -> Umístnění do karantény a smazání se zdařilo.

(konec)


Posted by Žbeky » 15 Jul 2012 10:29

What about that memtest?


Posted by bluu » 15 Jul 2012 19:40

I tried memtest; I ran 2 instances at once, covering 1.5 GB of RAM in total, it wouldn't let me do more. It seems there is no error.


Posted by jaro3 » 16 Jul 2012 10:18

Maybe it's the power supply. Do you have a way to swap it?

Download TDSSKiller

to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt ; please paste the whole contents of the log here.

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch the terms of use are displayed; confirm them by pressing the Ano (Yes) button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its whole contents here
If there are problems, run it in safe mode.

Warning: It may happen that after running ComboFix and restarting the computer, Windows won't boot, or the desktop won't load, or there will be connection problems; then restart the computer again, and if that doesn't help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Don't send logs in private messages. During my absence I am represented by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support


Posted by bluu » 16 Jul 2012 15:01

Well, I have power supplies for a PC, but not for a laptop. Could I ask how the power supply could cause a BSOD? Some kind of undervoltage?


Posted by bluu » 16 Jul 2012 16:47

15:03:04.0562 2416 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
15:03:04.0812 2416 ============================================================
15:03:04.0812 2416 Current date / time: 2012/07/16 15:03:04.0812
15:03:04.0812 2416 SystemInfo:
15:03:04.0812 2416
15:03:04.0812 2416 OS Version: 5.1.2600 ServicePack: 3.0
15:03:04.0812 2416 Product type: Workstation
15:03:04.0812 2416 ComputerName: MSI
15:03:04.0812 2416 UserName: majmo
15:03:04.0812 2416 Windows directory: C:\WINDOWS
15:03:04.0812 2416 System windows directory: C:\WINDOWS
15:03:04.0812 2416 Processor architecture: Intel x86
15:03:04.0812 2416 Number of processors: 2
15:03:04.0812 2416 Page size: 0x1000
15:03:04.0812 2416 Boot type: Normal boot
15:03:04.0812 2416 ============================================================
15:03:05.0218 2416 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:03:05.0218 2416 ============================================================
15:03:05.0218 2416 \Device\Harddisk0\DR0:
15:03:05.0218 2416 MBR partitions:
15:03:05.0218 2416 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x9C41AD8
15:03:05.0234 2416 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x9C41B56, BlocksNum 0xC34F28D
15:03:05.0250 2416 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x15F90E22, BlocksNum 0x1B58F7A
15:03:05.0265 2416 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x17AE9DDB, BlocksNum 0x56D68E5
15:03:05.0265 2416 ============================================================
15:03:05.0312 2416 C: <-> \Device\Harddisk0\DR0\Partition0
15:03:05.0343 2416 D: <-> \Device\Harddisk0\DR0\Partition1
15:03:05.0375 2416 E: <-> \Device\Harddisk0\DR0\Partition3
15:03:05.0406 2416 J: <-> \Device\Harddisk0\DR0\Partition2
15:03:05.0406 2416 ============================================================
15:03:05.0406 2416 Initialize success
15:03:05.0406 2416 ============================================================
15:03:06.0468 1012 ============================================================
15:03:06.0468 1012 Scan started
15:03:06.0468 1012 Mode: Manual;
15:03:06.0468 1012 ============================================================
15:03:07.0078 1012 6to4 (d76e9f5a991458a9f7e28395479b3150) C:\WINDOWS\System32\6to4svc.dll
15:03:07.0078 1012 6to4 - ok
15:03:07.0093 1012 Abiosdsk - ok
15:03:07.0093 1012 abp480n5 - ok
15:03:07.0156 1012 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:03:07.0171 1012 ACPI - ok
15:03:07.0203 1012 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
15:03:07.0203 1012 ACPIEC - ok
15:03:07.0265 1012 Adobe LM Service (4ae327c9c375d985ff2a2aab92765218) C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
15:03:07.0265 1012 Adobe LM Service - ok
15:03:07.0359 1012 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:03:07.0375 1012 AdobeFlashPlayerUpdateSvc - ok
15:03:07.0375 1012 adpu160m - ok
15:03:07.0437 1012 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
15:03:07.0453 1012 aec - ok
15:03:07.0500 1012 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
15:03:07.0500 1012 AFD - ok
15:03:07.0656 1012 AgereSoftModem (90456051c422e09bc36e6340dd891f0c) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
15:03:07.0734 1012 AgereSoftModem - ok
15:03:07.0734 1012 Aha154x - ok
15:03:07.0750 1012 aic78u2 - ok
15:03:07.0750 1012 aic78xx - ok
15:03:07.0796 1012 Alerter (e0a6fa244b8624d78fe5ff6f56a33bae) C:\WINDOWS\system32\alrsvc.dll
15:03:07.0796 1012 Alerter - ok
15:03:07.0812 1012 ALG (88842de939a827577bf24243699ac80a) C:\WINDOWS\System32\alg.exe
15:03:07.0828 1012 ALG - ok
15:03:07.0828 1012 AliIde - ok
15:03:07.0843 1012 Amfilter (868ae6fa93c29c8a105539f3e6d5a77f) C:\WINDOWS\system32\DRIVERS\Amfilter.sys
15:03:07.0843 1012 Amfilter - ok
15:03:07.0859 1012 Amps2prt (4c7c8f1678e516a961cd79a1ca0a0c82) C:\WINDOWS\system32\DRIVERS\Amps2prt.sys
15:03:07.0875 1012 Amps2prt - ok
15:03:07.0875 1012 amsint - ok
15:03:07.0906 1012 Amusbprt (37646d4559ad45c96225521b44c45d01) C:\WINDOWS\system32\DRIVERS\Amusbprt.sys
15:03:07.0906 1012 Amusbprt - ok
15:03:07.0937 1012 Andbus (3e59df4984fbd6800d6621480b38a34e) C:\WINDOWS\system32\DRIVERS\lgandbus.sys
15:03:07.0937 1012 Andbus - ok
15:03:07.0968 1012 AndDiag (8e0bf6f3b2c9c292bc7ce0de727cdd56) C:\WINDOWS\system32\DRIVERS\lganddiag.sys
15:03:07.0968 1012 AndDiag - ok
15:03:07.0984 1012 AndGps (1d2c90e25483363d54b652898bbc8f2a) C:\WINDOWS\system32\DRIVERS\lgandgps.sys
15:03:07.0984 1012 AndGps - ok
15:03:08.0015 1012 ANDModem (b1b06a95da2cac7fa19832c60c348c85) C:\WINDOWS\system32\DRIVERS\lgandmodem.sys
15:03:08.0015 1012 ANDModem - ok
15:03:08.0046 1012 androidusb (54a40a58ff71936026f2e49ecfd487b8) C:\WINDOWS\system32\Drivers\lgandadb.sys
15:03:08.0046 1012 androidusb - ok
15:03:08.0046 1012 AppMgmt - ok
15:03:08.0093 1012 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
15:03:08.0093 1012 Arp1394 - ok
15:03:08.0093 1012 asc - ok
15:03:08.0109 1012 asc3350p - ok
15:03:08.0109 1012 asc3550 - ok
15:03:08.0218 1012 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
15:03:08.0265 1012 aspnet_state - ok
15:03:08.0281 1012 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:03:08.0281 1012 AsyncMac - ok
15:03:08.0328 1012 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
15:03:08.0328 1012 atapi - ok
15:03:08.0328 1012 Atdisk - ok
15:03:08.0375 1012 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:03:08.0390 1012 Atmarpc - ok
15:03:08.0406 1012 AudioSrv (de31b88962a8645dba5a37b993e7b0f1) C:\WINDOWS\System32\audiosrv.dll
15:03:08.0406 1012 AudioSrv - ok
15:03:08.0437 1012 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
15:03:08.0453 1012 audstub - ok
15:03:08.0500 1012 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
15:03:08.0500 1012 Beep - ok
15:03:08.0562 1012 BITS (19395d092fd85ddc2d9c7729cf5a2ac8) C:\WINDOWS\system32\qmgr.dll
15:03:08.0671 1012 BITS - ok
15:03:08.0703 1012 Browser (249276d3ef1e74b992299cb96099e4d7) C:\WINDOWS\System32\browser.dll
15:03:08.0718 1012 Browser - ok
15:03:08.0828 1012 Cam5603D (c67978dbfe659dce83708219f70a4f41) C:\WINDOWS\system32\Drivers\BisonCam.sys
15:03:08.0843 1012 Cam5603D - ok
15:03:08.0875 1012 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
15:03:08.0875 1012 cbidf2k - ok
15:03:08.0921 1012 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
15:03:08.0921 1012 CCDECODE - ok
15:03:08.0921 1012 cd20xrnt - ok
15:03:08.0953 1012 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
15:03:08.0953 1012 Cdaudio - ok
15:03:08.0984 1012 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
15:03:08.0984 1012 Cdfs - ok
15:03:09.0000 1012 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:03:09.0000 1012 Cdrom - ok
15:03:09.0000 1012 Changer - ok
15:03:09.0046 1012 CiSvc (e390dc1d7c461d7d56ec53402f329928) C:\WINDOWS\system32\cisvc.exe
15:03:09.0046 1012 CiSvc - ok
15:03:09.0078 1012 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\WINDOWS\system32\clipsrv.exe
15:03:09.0078 1012 ClipSrv - ok
15:03:09.0171 1012 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:03:09.0265 1012 clr_optimization_v2.0.50727_32 - ok
15:03:09.0343 1012 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:03:09.0390 1012 clr_optimization_v4.0.30319_32 - ok
15:03:09.0421 1012 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
15:03:09.0421 1012 CmBatt - ok
15:03:09.0421 1012 CmdIde - ok
15:03:09.0437 1012 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
15:03:09.0437 1012 Compbatt - ok
15:03:09.0437 1012 COMSysApp - ok
15:03:09.0437 1012 Cpqarray - ok
15:03:09.0484 1012 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\WINDOWS\System32\cryptsvc.dll
15:03:09.0484 1012 CryptSvc - ok
15:03:09.0515 1012 CrystalSysInfo - ok
15:03:09.0531 1012 dac2w2k - ok
15:03:09.0531 1012 dac960nt - ok
15:03:09.0578 1012 DcomLaunch (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
15:03:09.0593 1012 DcomLaunch - ok
15:03:09.0640 1012 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\WINDOWS\System32\dhcpcsvc.dll
15:03:09.0640 1012 Dhcp - ok
15:03:09.0640 1012 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
15:03:09.0640 1012 Disk - ok
15:03:09.0640 1012 dmadmin - ok
15:03:09.0750 1012 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
15:03:09.0765 1012 dmboot - ok
15:03:09.0796 1012 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
15:03:09.0796 1012 dmio - ok
15:03:09.0843 1012 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
15:03:09.0843 1012 dmload - ok
15:03:09.0859 1012 dmserver (2bfefe9e865655a76982f050450b9591) C:\WINDOWS\System32\dmserver.dll
15:03:09.0859 1012 dmserver - ok
15:03:09.0890 1012 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
15:03:09.0890 1012 DMusic - ok
15:03:09.0937 1012 Dnscache (dfaa406bf19f4ee806a6f8d4342137f7) C:\WINDOWS\System32\dnsrslvr.dll
15:03:09.0937 1012 Dnscache - ok
15:03:09.0984 1012 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\WINDOWS\System32\dot3svc.dll
15:03:10.0031 1012 Dot3svc - ok
15:03:10.0031 1012 dpti2o - ok
15:03:10.0062 1012 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
15:03:10.0078 1012 drmkaud - ok
15:03:10.0218 1012 dtsoftbus01 (555e54ac2f601a8821cef58961653991) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
15:03:10.0218 1012 dtsoftbus01 - ok
15:03:10.0265 1012 eamon (d42dd9021acd47683b33adf21bca49aa) C:\WINDOWS\system32\DRIVERS\eamon.sys
15:03:10.0265 1012 eamon - ok
15:03:10.0328 1012 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\WINDOWS\System32\eapsvc.dll
15:03:10.0328 1012 EapHost - ok
15:03:10.0359 1012 ehdrv (fe7824239d132ad9ebd8645fe1199b30) C:\WINDOWS\system32\DRIVERS\ehdrv.sys
15:03:10.0375 1012 ehdrv - ok
15:03:10.0468 1012 EhttpSrv (68d91a34ce51cf15c45dd68f7f1257e8) C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
15:03:10.0468 1012 EhttpSrv - ok
15:03:10.0578 1012 ekrn (191d8eccc40f05b52fac0513f35ba01d) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
15:03:10.0578 1012 ekrn - ok
15:03:10.0640 1012 epfwtdir (aa0667eb9a92414abb784c101a6c7fec) C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
15:03:10.0640 1012 epfwtdir - ok
15:03:10.0671 1012 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\WINDOWS\System32\ersvc.dll
15:03:10.0671 1012 ERSvc - ok
15:03:10.0703 1012 Eventlog (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
15:03:10.0718 1012 Eventlog - ok
15:03:10.0781 1012 EventSystem (a371f11ef07653591c8de26afb13ce7f) C:\WINDOWS\system32\es.dll
15:03:10.0796 1012 EventSystem - ok
15:03:10.0968 1012 EvtEng (53cca6b4df0977074e85c9a18f42b5cc) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
15:03:11.0000 1012 EvtEng - ok
15:03:11.0062 1012 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
15:03:11.0078 1012 Fastfat - ok
15:03:11.0125 1012 FastUserSwitchingCompatibility (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
15:03:11.0125 1012 FastUserSwitchingCompatibility - ok
15:03:11.0140 1012 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
15:03:11.0140 1012 Fdc - ok
15:03:11.0156 1012 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
15:03:11.0156 1012 Fips - ok
15:03:11.0171 1012 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
15:03:11.0171 1012 Flpydisk - ok
15:03:11.0218 1012 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
15:03:11.0218 1012 FltMgr - ok
15:03:11.0328 1012 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
15:03:11.0328 1012 FontCache3.0.0.0 - ok
15:03:11.0359 1012 FsUsbExDisk (790a4ca68f44be35967b3df61f3e4675) C:\WINDOWS\system32\FsUsbExDisk.SYS
15:03:11.0359 1012 FsUsbExDisk - ok
15:03:11.0406 1012 FsUsbExService (d3f9205cc4cb07553f2f9472c767ea87) C:\WINDOWS\system32\FsUsbExService.Exe
15:03:11.0421 1012 FsUsbExService - ok
15:03:11.0453 1012 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:03:11.0453 1012 Fs_Rec - ok
15:03:11.0453 1012 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:03:11.0468 1012 Ftdisk - ok
15:03:11.0500 1012 ggflt (4b5fddbcb9407741f47818b8d1ee4a8e) C:\WINDOWS\system32\DRIVERS\ggflt.sys
15:03:11.0500 1012 ggflt - ok
15:03:11.0531 1012 ggsemc (80bbcc9724b24a708ca9489c1e0a1e5f) C:\WINDOWS\system32\DRIVERS\ggsemc.sys
15:03:11.0531 1012 ggsemc - ok
15:03:11.0562 1012 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:03:11.0562 1012 Gpc - ok
15:03:11.0609 1012 hamachi (833051c6c6c42117191935f734cfbd97) C:\WINDOWS\system32\DRIVERS\hamachi.sys
15:03:11.0609 1012 hamachi - ok
15:03:11.0656 1012 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:03:11.0656 1012 HDAudBus - ok
15:03:11.0734 1012 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:03:11.0734 1012 helpsvc - ok
15:03:11.0734 1012 HidServ - ok
15:03:11.0781 1012 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:03:11.0781 1012 hidusb - ok
15:03:11.0812 1012 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\WINDOWS\System32\kmsvc.dll
15:03:11.0812 1012 hkmsvc - ok
15:03:11.0812 1012 hpn - ok
15:03:11.0859 1012 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
15:03:11.0890 1012 HTTP - ok
15:03:11.0921 1012 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
15:03:11.0921 1012 HTTPFilter - ok
15:03:11.0921 1012 i2omgmt - ok
15:03:11.0937 1012 i2omp - ok
15:03:11.0968 1012 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:03:11.0968 1012 i8042prt - ok
15:03:12.0015 1012 iastor (abfebc5f846c71afebd7f8f6ba740c03) C:\WINDOWS\system32\DRIVERS\iaStor.sys
15:03:12.0015 1012 iastor - ok
15:03:12.0171 1012 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:03:12.0203 1012 idsvc - ok
15:03:12.0250 1012 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
15:03:12.0250 1012 Imapi - ok
15:03:12.0296 1012 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\system32\imapi.exe
15:03:12.0296 1012 ImapiService - ok
15:03:12.0296 1012 ini910u - ok
15:03:12.0656 1012 IntcAzAudAddService (08baf30f6de95814f58af9ce7bbc5614) C:\WINDOWS\system32\drivers\RtkHDAud.sys
15:03:12.0687 1012 IntcAzAudAddService - ok
15:03:12.0765 1012 IntelIde - ok
15:03:12.0812 1012 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
15:03:12.0812 1012 intelppm - ok
15:03:12.0828 1012 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
15:03:12.0828 1012 Ip6Fw - ok
15:03:12.0875 1012 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:03:12.0875 1012 IpFilterDriver - ok
15:03:12.0890 1012 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:03:12.0890 1012 IpInIp - ok
15:03:12.0921 1012 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:03:12.0921 1012 IpNat - ok
15:03:12.0968 1012 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:03:12.0968 1012 IPSec - ok
15:03:13.0015 1012 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
15:03:13.0015 1012 IRENUM - ok
15:03:13.0046 1012 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:03:13.0046 1012 isapnp - ok
15:03:13.0140 1012 JavaQuickStarterService (9aa67569d5257462e230767510b0c815) C:\Program Files\Java\jre6\bin\jqs.exe
15:03:13.0156 1012 JavaQuickStarterService - ok
15:03:13.0187 1012 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:03:13.0187 1012 Kbdclass - ok
15:03:13.0218 1012 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
15:03:13.0234 1012 kbdhid - ok
15:03:13.0265 1012 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
15:03:13.0281 1012 kmixer - ok
15:03:13.0328 1012 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
15:03:13.0328 1012 KSecDD - ok
15:03:13.0375 1012 LanmanServer (3428e8f86f8add36b42fb23542c7b3e4) C:\WINDOWS\System32\srvsvc.dll
15:03:13.0375 1012 LanmanServer - ok
15:03:13.0421 1012 lanmanworkstation (936c1d110232d23b621cb0196e4f80f0) C:\WINDOWS\System32\wkssvc.dll
15:03:13.0421 1012 lanmanworkstation - ok
15:03:13.0453 1012 LBeepKE (9ffd1cf2a782f2560e78eec4b8b8689e) C:\WINDOWS\system32\Drivers\LBeepKE.sys
15:03:13.0453 1012 LBeepKE - ok
15:03:13.0453 1012 lbrtfdc - ok
15:03:13.0484 1012 LHidFilt (7f9c7b28cf1c859e1c42619eea946dc8) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
15:03:13.0484 1012 LHidFilt - ok
15:03:13.0531 1012 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
15:03:13.0531 1012 LmHosts - ok
15:03:13.0562 1012 LMouFilt (ab33792a87285344f43b5ce23421bab0) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
15:03:13.0562 1012 LMouFilt - ok
15:03:13.0593 1012 MBAMProtector (6dfe7f2e8e8a337263aa5c92a215f161) C:\WINDOWS\system32\drivers\mbam.sys
15:03:13.0593 1012 MBAMProtector - ok
15:03:13.0687 1012 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
15:03:13.0718 1012 MBAMService - ok
15:03:13.0765 1012 Messenger (221cd1c815b8a6b79389c3f5d1018de8) C:\WINDOWS\System32\msgsvc.dll
15:03:13.0765 1012 Messenger - ok
15:03:13.0781 1012 MGHwCtrl (25a4177b8abf458691138f0c9684e70f) C:\WINDOWS\system32\drivers\MGHwCtrl.sys
15:03:13.0781 1012 MGHwCtrl - ok
15:03:13.0812 1012 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
15:03:13.0812 1012 Modem - ok
15:03:13.0828 1012 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:03:13.0843 1012 Mouclass - ok
15:03:13.0875 1012 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:03:13.0875 1012 mouhid - ok
15:03:13.0906 1012 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
15:03:13.0906 1012 MountMgr - ok
15:03:13.0937 1012 MouseWithoutBordersSvc (145c5465b8f99e9d8360af852a17dc78) C:\Program Files\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe
15:03:13.0937 1012 MouseWithoutBordersSvc - ok
15:03:13.0968 1012 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:03:13.0984 1012 MozillaMaintenance - ok
15:03:13.0984 1012 mraid35x - ok
15:03:14.0000 1012 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:03:14.0000 1012 MRxDAV - ok
15:03:14.0062 1012 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:03:14.0062 1012 MRxSmb - ok
15:03:14.0109 1012 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\system32\msdtc.exe
15:03:14.0109 1012 MSDTC - ok
15:03:14.0109 1012 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
15:03:14.0109 1012 Msfs - ok
15:03:14.0125 1012 MSIServer - ok
15:03:14.0140 1012 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:03:14.0140 1012 MSKSSRV - ok
15:03:14.0187 1012 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:03:14.0187 1012 MSPCLOCK - ok
15:03:14.0203 1012 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
15:03:14.0203 1012 MSPQM - ok
15:03:14.0234 1012 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:03:14.0234 1012 mssmbios - ok
15:03:14.0265 1012 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
15:03:14.0265 1012 MSTEE - ok
15:03:14.0312 1012 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
15:03:14.0312 1012 Mup - ok
15:03:14.0343 1012 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
15:03:14.0359 1012 NABTSFEC - ok
15:03:14.0406 1012 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
15:03:14.0421 1012 napagent - ok
15:03:14.0468 1012 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
15:03:14.0468 1012 NDIS - ok
15:03:14.0500 1012 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
15:03:14.0500 1012 NdisIP - ok
15:03:14.0531 1012 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:03:14.0531 1012 NdisTapi - ok
15:03:14.0531 1012 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:03:14.0531 1012 Ndisuio - ok
15:03:14.0546 1012 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:03:14.0546 1012 NdisWan - ok
15:03:14.0593 1012 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
15:03:14.0593 1012 NDProxy - ok
15:03:14.0593 1012 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
15:03:14.0609 1012 NetBIOS - ok
15:03:14.0625 1012 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
15:03:14.0640 1012 NetBT - ok
15:03:14.0671 1012 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
15:03:14.0671 1012 NetDDE - ok
15:03:14.0671 1012 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
15:03:14.0687 1012 NetDDEdsdm - ok
15:03:14.0734 1012 Netlogon (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
15:03:14.0734 1012 Netlogon - ok
15:03:14.0781 1012 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
15:03:14.0796 1012 Netman - ok
15:03:14.0890 1012 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:03:14.0921 1012 NetTcpPortSharing - ok
15:03:15.0250 1012 NETw5x32 (ccdb8db66acd3c0a6c8e171b79f60ac4) C:\WINDOWS\system32\DRIVERS\NETw5x32.sys
15:03:15.0359 1012 NETw5x32 - ok
15:03:15.0468 1012 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
15:03:15.0468 1012 NIC1394 - ok
15:03:15.0546 1012 NishService (aff24206ffc1081787155b03c99ba716) C:\Program Files\System Control Manager\edd.exe
15:03:15.0546 1012 NishService - ok
15:03:15.0609 1012 Nla (39ee7c3bfbc64ba87cc8cf67386e814c) C:\WINDOWS\System32\mswsock.dll
15:03:15.0625 1012 Nla - ok
15:03:15.0750 1012 NMIndexingService (cb992ae1506985d9167e85883b4c3240) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
15:03:15.0781 1012 NMIndexingService - ok
15:03:15.0828 1012 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
15:03:15.0828 1012 Npfs - ok
15:03:15.0859 1012 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
15:03:15.0875 1012 Ntfs - ok
15:03:15.0890 1012 NtLmSsp (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
15:03:15.0890 1012 NtLmSsp - ok
15:03:15.0937 1012 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
15:03:15.0968 1012 NtmsSvc - ok
15:03:16.0015 1012 NTPCI (8cc8eba7931a8f77fd85fc09f5b2672d) C:\WINDOWS\system32\drivers\ntpci.sys
15:03:16.0015 1012 NTPCI - ok
15:03:16.0062 1012 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
15:03:16.0062 1012 Null - ok
15:03:16.0796 1012 nv (a05d99cbf55eb493c9e82b4bca848ef5) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
15:03:17.0062 1012 nv - ok
15:03:17.0156 1012 NVSvc (a86a2f2b2bf5d5eed075b6417de5cf1c) C:\WINDOWS\system32\nvsvc32.exe
15:03:17.0156 1012 NVSvc - ok
15:03:17.0203 1012 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:03:17.0203 1012 NwlnkFlt - ok
15:03:17.0218 1012 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:03:17.0218 1012 NwlnkFwd - ok
15:03:17.0250 1012 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
15:03:17.0250 1012 NwlnkIpx - ok
15:03:17.0265 1012 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
15:03:17.0265 1012 NwlnkNb - ok
15:03:17.0296 1012 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
15:03:17.0312 1012 NwlnkSpx - ok
15:03:17.0343 1012 NwSapAgent (85d8c6514bd48df2cc61debe3f879dc0) C:\WINDOWS\System32\ipxsap.dll
15:03:17.0343 1012 NwSapAgent - ok
15:03:17.0406 1012 o2flash (d955d5de998db2476bf0892be3a96c26) C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
15:03:17.0421 1012 o2flash - ok
15:03:17.0437 1012 O2MDRDR (0c95ba8d98c39fba5383461f53254c02) C:\WINDOWS\system32\DRIVERS\o2media.sys
15:03:17.0453 1012 O2MDRDR - ok
15:03:17.0453 1012 O2SDRDR (706cb21d5cf1143d26f6c0dcdbf60d10) C:\WINDOWS\system32\DRIVERS\o2sd.sys
15:03:17.0453 1012 O2SDRDR - ok
15:03:17.0484 1012 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
15:03:17.0484 1012 ohci1394 - ok
15:03:17.0562 1012 PanService (20bd38241edd66d8fdc9e3496a1762a3) C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
15:03:17.0578 1012 PanService - ok
15:03:17.0640 1012 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\drivers\Parport.sys
15:03:17.0640 1012 Parport - ok
15:03:17.0640 1012 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
15:03:17.0640 1012 PartMgr - ok
15:03:17.0671 1012 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
15:03:17.0671 1012 ParVdm - ok
15:03:17.0718 1012 pccsmcfd (175cc28dcf819f78caa3fbd44ad9e52a) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
15:03:17.0718 1012 pccsmcfd - ok
15:03:17.0734 1012 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
15:03:17.0734 1012 PCI - ok
15:03:17.0734 1012 PCIDump - ok
15:03:17.0750 1012 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
15:03:17.0750 1012 PCIIde - ok
15:03:17.0765 1012 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
15:03:17.0765 1012 Pcmcia - ok
15:03:17.0765 1012 PDCOMP - ok
15:03:17.0781 1012 PDFRAME - ok
15:03:17.0781 1012 PDRELI - ok
15:03:17.0781 1012 PDRFRAME - ok
15:03:17.0781 1012 perc2 - ok
15:03:17.0796 1012 perc2hib - ok
15:03:17.0828 1012 PlugPlay (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
15:03:17.0843 1012 PlugPlay - ok
15:03:17.0859 1012 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
15:03:17.0859 1012 PolicyAgent - ok
15:03:17.0890 1012 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:03:17.0890 1012 PptpMiniport - ok
15:03:17.0890 1012 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
15:03:17.0890 1012 ProtectedStorage - ok
15:03:17.0906 1012 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
15:03:17.0906 1012 PSched - ok
15:03:17.0937 1012 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:03:17.0937 1012 Ptilink - ok
15:03:17.0968 1012 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
15:03:17.0984 1012 PxHelp20 - ok
15:03:17.0984 1012 ql1080 - ok
15:03:17.0984 1012 Ql10wnt - ok
15:03:17.0984 1012 ql12160 - ok
15:03:17.0984 1012 ql1240 - ok
15:03:18.0000 1012 ql1280 - ok
15:03:18.0015 1012 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:03:18.0015 1012 RasAcd - ok
15:03:18.0062 1012 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
15:03:18.0062 1012 RasAuto - ok
15:03:18.0078 1012 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:03:18.0078 1012 Rasl2tp - ok
15:03:18.0109 1012 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
15:03:18.0125 1012 RasMan - ok
15:03:18.0125 1012 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:03:18.0125 1012 RasPppoe - ok
15:03:18.0156 1012 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
15:03:18.0156 1012 Raspti - ok
15:03:18.0203 1012 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:03:18.0203 1012 Rdbss - ok
15:03:18.0218 1012 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:03:18.0218 1012 RDPCDD - ok
15:03:18.0281 1012 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
15:03:18.0281 1012 RDPWD - ok
15:03:18.0312 1012 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
15:03:18.0312 1012 RDSessMgr - ok
15:03:18.0343 1012 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
15:03:18.0343 1012 redbook - ok
15:03:18.0468 1012 RegSrvc (7c4391419852dfc331f6af620c33af3c) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:03:18.0484 1012 RegSrvc - ok
15:03:18.0515 1012 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
15:03:18.0531 1012 RemoteAccess - ok
15:03:18.0562 1012 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\WINDOWS\system32\locator.exe
15:03:18.0562 1012 RpcLocator - ok
15:03:18.0609 1012 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\System32\rpcss.dll
15:03:18.0625 1012 RpcSs - ok
15:03:18.0671 1012 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\system32\rsvp.exe
15:03:18.0687 1012 RSVP - ok
15:03:18.0718 1012 RTLE8023xp (3400495f5b219d5153c770a95499579c) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
15:03:18.0718 1012 RTLE8023xp - ok
15:03:18.0765 1012 s125bus (06847aa6f3a9bf7c44134d00a2e578c0) C:\WINDOWS\system32\DRIVERS\s125bus.sys
15:03:18.0781 1012 s125bus - ok
15:03:18.0796 1012 s125mdfl (f83f88e1b125308fb5015ea0349502b0) C:\WINDOWS\system32\DRIVERS\s125mdfl.sys
15:03:18.0796 1012 s125mdfl - ok
15:03:18.0812 1012 s125mdm (402a97756c14940ad6ae5169c2fb105e) C:\WINDOWS\system32\DRIVERS\s125mdm.sys
15:03:18.0812 1012 s125mdm - ok
15:03:18.0828 1012 s125mgmt (82b14c51de76825ec769a6374e4c57d6) C:\WINDOWS\system32\DRIVERS\s125mgmt.sys
15:03:18.0843 1012 s125mgmt - ok
15:03:18.0859 1012 s125obex (bedfc5707c356fd073bf1a4afe442d91) C:\WINDOWS\system32\DRIVERS\s125obex.sys
15:03:18.0859 1012 s125obex - ok
15:03:19.0015 1012 S24EventMonitor (55ccc8ced5778556f6b516b3858ac970) C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
15:03:19.0015 1012 S24EventMonitor - ok
15:03:19.0046 1012 s24trans (96b4494d4734970f47c566e098c4f527) C:\WINDOWS\system32\DRIVERS\s24trans.sys
15:03:19.0046 1012 s24trans - ok
15:03:19.0062 1012 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
15:03:19.0062 1012 SamSs - ok
15:03:19.0125 1012 SbFw (419883201ca9ad697ccfb8fc46dd6f78) C:\WINDOWS\system32\drivers\SbFw.sys
15:03:19.0125 1012 SbFw - ok
15:03:19.0156 1012 SBFWIMCL (f01b8409a11c319e3c5b9dd418676d2c) C:\WINDOWS\system32\DRIVERS\sbfwim.sys
15:03:19.0156 1012 SBFWIMCL - ok
15:03:19.0187 1012 sbhips (31ca701f26ea66468ad3c3c6498755ce) C:\WINDOWS\system32\drivers\sbhips.sys
15:03:19.0203 1012 sbhips - ok
15:03:19.0250 1012 SbPF.Launcher (56c92289535834aa26144b4368932dcb) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
15:03:19.0250 1012 SbPF.Launcher - ok
15:03:19.0296 1012 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
15:03:19.0312 1012 SCardSvr - ok
15:03:19.0375 1012 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
15:03:19.0390 1012 Schedule - ok
15:03:19.0406 1012 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
15:03:19.0421 1012 sdbus - ok
15:03:19.0421 1012 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:03:19.0421 1012 Secdrv - ok
15:03:19.0453 1012 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
15:03:19.0453 1012 seclogon - ok
15:03:19.0468 1012 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
15:03:19.0468 1012 SENS - ok
15:03:19.0484 1012 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\drivers\Serial.sys
15:03:19.0500 1012 Serial - ok
15:03:19.0593 1012 ServiceLayer (9d38320bb32230349379df5ddbbf7fce) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
15:03:19.0625 1012 ServiceLayer - ok
15:03:19.0640 1012 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
15:03:19.0656 1012 Sfloppy - ok
15:03:19.0687 1012 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
15:03:19.0687 1012 SharedAccess - ok
15:03:19.0734 1012 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
15:03:19.0734 1012 ShellHWDetection - ok
15:03:19.0734 1012 Simbad - ok
15:03:19.0781 1012 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
15:03:19.0781 1012 SLIP - ok
15:03:19.0796 1012 Sparrow - ok
15:03:19.0968 1012 SPF4 (b3c9d712962db83c280d0c4aac8963a8) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
15:03:20.0015 1012 SPF4 - ok
15:03:20.0062 1012 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
15:03:20.0062 1012 splitter - ok
15:03:20.0093 1012 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
15:03:20.0093 1012 Spooler - ok
15:03:20.0187 1012 sptd (a80cd850d69d996c832bea37e3a6aa1e) C:\WINDOWS\system32\Drivers\sptd.sys
15:03:20.0187 1012 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: a80cd850d69d996c832bea37e3a6aa1e
15:03:20.0187 1012 sptd ( LockedFile.Multi.Generic ) - warning
15:03:20.0187 1012 sptd - detected LockedFile.Multi.Generic (1)
15:03:23.0828 1012 ============================================================
15:03:23.0828 1012 Scan finished
15:03:23.0828 1012 ============================================================
15:03:23.0828 2468 Detected object count: 1
15:03:23.0828 2468 Actual detected object count: 1
15:03:30.0828 2468 sptd ( LockedFile.Multi.Generic ) - skipped by user
15:03:30.0843 2468 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
15:03:39.0312 2820 Deinitialize success


Re: Please check my log, on the laptop occasionally a completely random BS

Post by bluu » 16 Jul 2012 16:49

ComboFix 12-07-16.01 - majmo 16.07.2012 16:34:59.9.2 - x86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3071.2670 [GMT 2:00]
Spuštěný z: c:\documents and settings\majmo\Plocha\Downloads\ComboFix.exe
FW: Sunbelt Personal Firewall *Enabled* {82B1150E-9B37-49FC-83EB-D52197D900D0}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\majmo\WINDOWS
C:\Thumbs.db
c:\windows\system32\_000013_.tmp.dll
c:\windows\system32\_000014_.tmp.dll
c:\windows\system32\_000015_.tmp.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-16 do 2012-07-16 )))))))))))))))))))))))))))))))
.
.
2012-07-14 15:43 . 2012-07-14 15:43 -------- d-----w- c:\program files\CrystalDiskInfo
2012-07-14 15:36 . 2012-07-14 15:39 -------- d-----w- c:\program files\WhoCrashed
2012-07-14 15:26 . 2012-07-14 15:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-07-14 15:26 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-14 11:52 . 2012-07-14 11:52 388096 ----a-r- c:\documents and settings\majmo\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-07-14 11:52 . 2012-07-14 11:52 -------- d-----w- c:\program files\Trend Micro
2012-07-12 10:17 . 2012-07-12 10:17 967 ----a-w- c:\windows\ScUnin.pif
2012-07-12 10:17 . 2012-07-12 10:17 68096 ----a-w- c:\windows\ScUnin.exe
2012-07-11 10:13 . 2012-07-11 10:13 -------- d-----w- c:\program files\LG Electronics
2012-07-11 10:13 . 2012-03-02 14:02 25728 ----a-w- c:\windows\system32\drivers\lgandadb.sys
2012-07-11 10:13 . 2012-03-02 14:02 25088 ----a-w- c:\windows\system32\drivers\lgandmodem.sys
2012-07-11 10:13 . 2012-03-02 14:02 20736 ----a-w- c:\windows\system32\drivers\lganddiag.sys
2012-07-11 10:13 . 2012-03-02 14:02 20096 ----a-w- c:\windows\system32\drivers\lgandgps.sys
2012-07-11 10:13 . 2012-03-02 14:02 14336 ----a-w- c:\windows\system32\drivers\lgandbus.sys
2012-07-02 06:07 . 2012-07-14 11:50 -------- d-----w- C:\zaloha 2 gb
2012-06-30 21:43 . 2012-07-12 07:25 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-30 21:43 . 2012-07-12 07:25 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-27 16:33 . 2012-06-27 16:33 -------- d-----w- c:\documents and settings\majmo\Data aplikací\.minecraft_xray
2012-06-23 07:30 . 2012-07-12 07:25 9822920 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-11 15:02 . 2011-04-18 14:37 6544 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2012-06-13 13:55 . 2008-04-14 12:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-06-08 10:22 . 2012-06-08 10:22 175104 ----a-w- c:\windows\system32\msiovq32.dll
2012-06-05 15:49 . 2008-04-14 12:00 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:49 . 2008-04-14 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2008-04-14 12:00 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2008-10-16 12:07 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2008-10-16 12:08 22552 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2009-09-19 19:23 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2009-09-19 19:23 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2009-09-19 19:23 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2009-09-19 19:23 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2009-09-19 19:23 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2008-10-16 12:09 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2008-10-16 12:07 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2008-10-16 12:07 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2008-04-14 12:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2009-09-19 19:23 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2009-09-19 19:23 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-05-31 13:22 . 2008-04-14 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2012-05-16 07:59 . 2008-04-14 12:00 668160 ----a-w- c:\windows\system32\wininet.dll
2012-05-05 03:14 . 2008-04-14 12:00 2150400 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-05 03:14 . 2008-04-14 06:06 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46 . 2009-09-19 19:21 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-20 19:30 . 2008-04-14 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2012-04-20 19:30 . 2008-04-14 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx
2012-04-20 19:28 . 2008-04-14 12:00 370176 ----a-w- c:\windows\system32\html.iec
2012-06-18 04:46 . 2011-03-24 21:12 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-09-16 . AE54240559D3E4F5D6D1AA661FA71247 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelZeroConfig"="c:\program files\Intel\WiFi\bin\ZCfgSvc.exe" [2009-02-27 1368064]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2009-02-27 1202448]
"RTHDCPL"="RTHDCPL.EXE" [2008-02-13 16857600]
"AGRSMMSG"="AGRSMMSG.exe" [2006-06-29 89541]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-20 12669544]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-11-20 110184]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"MGSysCtrl"="c:\program files\System Control Manager\MGSysCtrl.exe" [2007-11-21 180224]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2007-11-1 421888]
SetPointII.lnk - c:\program files\Logitech\SetPoint II\SetpointII.exe [2009-7-21 323584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableCAD"= 1 (0x1)
"NoHotStart"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoHotStart"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth Manager.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Vypress Chat StartUp.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Vypress Chat StartUp.lnk
backup=c:\windows\pss\Vypress Chat StartUp.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^majmo^Nabídka Start^Programy^Po spuštění^twhirl.lnk]
path=c:\documents and settings\majmo\Nabídka Start\Programy\Po spuštění\twhirl.lnk
backup=c:\windows\pss\twhirl.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-02 09:07 843712 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-03-27 12:41 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
2009-04-16 07:41 102400 ----a-w- c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\B2C_AGENT]
2012-03-28 00:53 404568 ----a-w- c:\documents and settings\All Users\Data aplikací\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BisonHK]
2007-03-15 14:37 32768 ----a-w- c:\windows\BisonCam\BisonHK.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BsMnt]
2007-03-15 14:34 172032 ----a-w- c:\windows\BisonCam\BsMnt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2012-07-03 11:46 462920 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2008-07-09 13:39 570664 ----a-w- c:\program files\Common Files\Nero\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-10-13 07:27 17351304 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2011-08-03 09:30 1242448 ----a-w- c:\games\Steam\Steam.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\BitSpirit\\BitSpirit.exe"=
"c:\\Program Files\\Vypress Chat\\VyChat.exe"=
"d:\\WPMP150\\miranda32.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Games\\Steam\\Steam.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"c:\\Games\\Steam\\steamapps\\_majmo\\opposing force\\hl.exe"=
"c:\\Games\\Steam\\steamapps\\common\\grand theft auto\\WINO\\Grand Theft Auto.exe"=
"c:\\Games\\Steam\\steamapps\\common\\grand theft auto 3\\gta3.exe"=
"c:\\Games\\Steam\\steamapps\\common\\grand theft auto 2\\gta2.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Microsoft Garage\\Mouse without Borders\\MouseWithoutBorders.exe"=
"c:\\Games\\Steam\\steamapps\\common\\magic the gathering tactics\\LaunchPad.exe"=
"c:\\Games\\Steam\\steamapps\\_majmo\\counter-strike\\hl.exe"=
"c:\\Games\\Steam\\steamapps\\_majmo\\source sdk base 2007\\hl2.exe"=
"c:\\Games\\Steam\\steamapps\\_majmo\\half-life\\hl.exe"=
"c:\\Games\\Steam\\steamapps\\common\\realm of the mad god\\Realm of the Mad God.exe"=
"c:\\Program Files\\PANDORA.TV\\PanService\\PandoraService.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"47624:TCP"= 47624:TCP:gta port
"47624:UDP"= 47624:UDP:gta port 2
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20.9.2009 11:18 722416]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [8.2.2011 17:06 218688]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [4.10.2009 11:07 270888]
R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [20.9.2009 10:42 51160]
R3 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [20.9.2009 10:42 43736]
S1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [21.6.2008 04:54 66600]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [23.11.2009 18:52 158512]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [23.11.2009 18:48 91440]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [15.6.2011 16:53 233472]
S2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [25.6.2010 11:36 10384]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [14.7.2012 17:26 655944]
S2 MouseWithoutBordersSvc;Mouse without Borders Service;c:\program files\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe [19.9.2011 16:56 17920]
S2 NishService;SCM Driver Daemon;c:\program files\System Control Manager\edd.exe [16.11.2010 19:57 40960]
S2 NTPCI;NTPCI;c:\windows\system32\drivers\ntpci.sys [20.9.2009 10:42 5632]
S2 PanService;PandoraService;c:\program files\PANDORA.TV\PanService\PandoraService.exe [8.6.2012 09:52 578264]
S2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [31.10.2008 07:24 95528]
S2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [31.10.2008 07:24 1365288]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [30.6.2012 23:43 250056]
S3 Amps2prt;A4Tech PS/2 Port Mouse Driver;c:\windows\system32\drivers\Amps2prt.sys [10.2.2007 02:04 14336]
S3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\drivers\lgandbus.sys [11.7.2012 12:13 14336]
S3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\drivers\lganddiag.sys [11.7.2012 12:13 20736]
S3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\drivers\lgandgps.sys [11.7.2012 12:13 20096]
S3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\drivers\lgandmodem.sys [11.7.2012 12:13 25088]
S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\lgandadb.sys [11.7.2012 12:13 25728]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [15.6.2011 16:53 36608]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [9.1.2010 11:02 13352]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [14.7.2012 17:26 22344]
S3 MGHwCtrl;MGHwCtrl;c:\windows\system32\drivers\MGHwCtrl.sys [16.11.2010 19:57 9088]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [3.5.2012 15:49 113120]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [4.10.2009 11:07 65576]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [23.11.2009 18:51 104752]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\drivers\VBoxNetFlt.sys [19.12.2011 15:11 116016]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - LBEEPKE
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-30 07:25]
.
.
------- Doplňkový sken -------
.
IE: Download Using &BitSpirit - c:\program files\BitSpirit\bsurl.htm
IE: ÓñČĚŘľ«ÁéĎÂÔŘ(&B)
FF - ProfilePath - c:\documents and settings\majmo\Data aplikací\Mozilla\Firefox\Profiles\w5k2or00.default\
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul
FF - user.js: extensions.softonic_i.newTab - false
FF - user.js: extensions.softonic_i.tlbrSrchUrl - hxxp://search.softonic.com/MON00005/tb_ ... e=1&cc=&q=
FF - user.js: extensions.softonic_i.id - f450c33a000000000000002185db789a
FF - user.js: extensions.softonic_i.instlDay - 15363
FF - user.js: extensions.softonic_i.vrsn - 1.5.11.5
FF - user.js: extensions.softonic_i.vrsni - 1.5.11.5
FF - user.js: extensions.softonic_i.vrsnTs - 1.5.11.516:12
FF - user.js: extensions.softonic_i.prtnrId - softonic
FF - user.js: extensions.softonic_i.prdct - softonic
FF - user.js: extensions.softonic_i.aflt - SD
FF - user.js: extensions.softonic_i.smplGrp - eng7
FF - user.js: extensions.softonic_i.tlbrId - en11DECdefault
FF - user.js: extensions.softonic_i.instlRef - MON00005
FF - user.js: extensions.softonic_i.dfltLng -
FF - user.js: extensions.softonic_i.excTlbr - false
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-NPSStartup - (no file)
MSConfigStartUp-ROUTE66Sync - c:\program files\ROUTE 66\ROUTE 66 Sync\Sync9Loader.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-16 16:40
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|˙˙˙˙¤•€|ů•6~*]
"AB141C35E9F4BF344B9FC010BB17F68A"=""
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(272)
c:\windows\system32\netprovcredman.dll
.
Celkový čas: 2012-07-16 16:42:33
ComboFix-quarantined-files.txt 2012-07-16 14:42
.
Před spuštěním: Volných bajtů: 10 904 510 464
Po spuštění: Volných bajtů: 11 141 689 344
.
- - End Of File - - 4B2A3C039285FA7DEAB1503B54A7035A

jaro3
Security team member

Re: Please check my log, on the laptop occasionally a completely random BS

Post by jaro3 » 16 Jul 2012 22:47

The fault may be in the voltage converter.
Usually it is bulging electrolytic capacitors and the like.


Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:

Code:

ClearJavaCache::

Registry::
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|˙˙˙˙¤•€|ů•6~ *]
"AB141C35E9F4BF344B9FC010BB17F68A"=-


Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, move it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix starts automatically
- Post here the log that comes up at the end of the cleaning process + a new log from HJT

Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems; in that case restart the computer again. If that does not help, press F8 after the restart and choose Last Known Good Configuration, or use a restore point.

In Folder Options, enable showing hidden files and folders + untick the checkbox Hide protected operating system files

Test this on VirusTotal
c:\windows\system32\sfcfiles.dll

Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus finishes its test, the result appears at the top with the number of infections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.

Or at:
http://www.virscan.org/

Download aswMBR
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt about downloading the Avast database appears, click NO. Then click "Scan". After the scan click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence memphisto, Žbeky and Orcus stand in for me.