Prosím o kontrolu HIJACK THIS

[lukas81]

PC nebo spíš notebook se začal nějak extremně sekat a procesor díky tomu je vytížen na cca 60%, když je klid je přibližně na max 10%. Dík za kontrolu a pomoc

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:23:09, on 21.8.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17112)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Acer\Acer VCM\RS_Service.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\PLFSetL.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Browsing Protection\adawarebp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\Opera\opera.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... aspire_one
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... aspire_one
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [snp2uvc] rundll32.exe C:\WINDOWS\system32\csnp2uvc.dll,ResetCIDS
O4 - HKLM\..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Browsing Protection\adawarebp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-1698683601-2966927733-1597234714-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Acer VCM.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 9736 bytes

[Reklama]

[memphisto]

Odinstaluj:
Google Toolbar
Deamon Tools Toolbar

v logu fixni:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... aspire_one
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... aspire_one
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.

[lukas81]

Udělal jsem vše. Procesy jsou menší, ale když zapnu prohlížeč na seznam tak mám procesy na cca 90% a jsou tam i červené řádky

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Verze databáze: v2012.08.22.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Kacenka :: KAČA [administrátor]

22.8.2012 10:13:22
mbam-log-2012-08-22 (10-13-22).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 184460
Uplynulý čas: 9 minut, 21 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

[Žbeky]

Jak to vypadá teď?

[lukas81]

Je to lepší,ale až na to, že když otevírám prohlížeč tak je procesor nad 60% a většinou plně červený, ale jde vidět velká změna.

[jaro3]

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[lukas81]

V poledne tady hodím log z Combo Fix. JInak našlo to tam nějaké 4 nebezpečí, zkusil jsem ještě jedno projetí a tam už se nenašlo nic

00:47:37.0640 1884 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
00:47:37.0843 1884 ============================================================
00:47:37.0843 1884 Current date / time: 2012/08/23 00:47:37.0843
00:47:37.0843 1884 SystemInfo:
00:47:37.0843 1884
00:47:37.0843 1884 OS Version: 5.1.2600 ServicePack: 3.0
00:47:37.0843 1884 Product type: Workstation
00:47:37.0843 1884 ComputerName: KAČA
00:47:37.0843 1884 UserName: Kacenka
00:47:37.0843 1884 Windows directory: C:\WINDOWS
00:47:37.0843 1884 System windows directory: C:\WINDOWS
00:47:37.0843 1884 Processor architecture: Intel x86
00:47:37.0843 1884 Number of processors: 2
00:47:37.0843 1884 Page size: 0x1000
00:47:37.0843 1884 Boot type: Normal boot
00:47:37.0843 1884 ============================================================
00:47:41.0750 1884 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
00:47:41.0828 1884 Drive \Device\Harddisk1\DR3 - Size: 0xEC580000 (3.69 Gb), SectorSize: 0x200, Cylinders: 0x1E2, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
00:47:41.0828 1884 ============================================================
00:47:41.0828 1884 \Device\Harddisk0\DR0:
00:47:41.0828 1884 MBR partitions:
00:47:41.0828 1884 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xE01000, BlocksNum 0x11C18000
00:47:41.0828 1884 \Device\Harddisk1\DR3:
00:47:41.0828 1884 MBR partitions:
00:47:41.0828 1884 \Device\Harddisk1\DR3\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x760C00
00:47:41.0828 1884 ============================================================
00:47:41.0890 1884 C: <-> \Device\Harddisk0\DR0\Partition1
00:47:41.0906 1884 ============================================================
00:47:41.0906 1884 Initialize success
00:47:41.0906 1884 ============================================================
00:47:46.0562 2076 ============================================================
00:47:46.0562 2076 Scan started
00:47:46.0562 2076 Mode: Manual;
00:47:46.0562 2076 ============================================================
00:47:46.0765 2076 ================ Scan system memory ========================
00:47:46.0781 2076 System memory - ok
00:47:46.0781 2076 ================ Scan services =============================
00:47:47.0046 2076 Abiosdsk - ok
00:47:47.0109 2076 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
00:47:47.0109 2076 abp480n5 - ok
00:47:47.0171 2076 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
00:47:47.0187 2076 ACPI - ok
00:47:47.0203 2076 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
00:47:47.0203 2076 ACPIEC - ok
00:47:47.0296 2076 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
00:47:47.0296 2076 AdobeFlashPlayerUpdateSvc - ok
00:47:47.0343 2076 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
00:47:47.0359 2076 adpu160m - ok
00:47:47.0421 2076 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
00:47:47.0468 2076 aec - ok
00:47:47.0546 2076 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
00:47:47.0593 2076 AFD - ok
00:47:47.0656 2076 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
00:47:47.0656 2076 agp440 - ok
00:47:47.0671 2076 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
00:47:47.0671 2076 agpCPQ - ok
00:47:47.0687 2076 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
00:47:47.0703 2076 Aha154x - ok
00:47:47.0718 2076 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
00:47:47.0718 2076 aic78u2 - ok
00:47:47.0734 2076 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
00:47:47.0734 2076 aic78xx - ok
00:47:47.0781 2076 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
00:47:47.0781 2076 ALG - ok
00:47:47.0828 2076 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
00:47:47.0843 2076 AliIde - ok
00:47:47.0859 2076 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
00:47:47.0859 2076 alim1541 - ok
00:47:47.0968 2076 [ F6AF59D6EEE5E1C304F7F73706AD11D8 ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
00:47:48.0046 2076 Ambfilt - ok
00:47:48.0109 2076 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
00:47:48.0109 2076 amdagp - ok
00:47:48.0140 2076 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
00:47:48.0140 2076 amsint - ok
00:47:48.0156 2076 AppMgmt - ok
00:47:48.0218 2076 [ A2F96787B7A958989A962EF3824D9CA8 ] AR5416 C:\WINDOWS\system32\DRIVERS\athw.sys
00:47:48.0265 2076 AR5416 - ok
00:47:48.0312 2076 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
00:47:48.0312 2076 asc - ok
00:47:48.0343 2076 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
00:47:48.0343 2076 asc3350p - ok
00:47:48.0359 2076 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
00:47:48.0359 2076 asc3550 - ok
00:47:48.0484 2076 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
00:47:48.0515 2076 aspnet_state - ok
00:47:48.0546 2076 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
00:47:48.0562 2076 AsyncMac - ok
00:47:48.0593 2076 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
00:47:48.0609 2076 atapi - ok
00:47:48.0609 2076 Atdisk - ok
00:47:48.0656 2076 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
00:47:48.0656 2076 Atmarpc - ok
00:47:48.0687 2076 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
00:47:48.0703 2076 AudioSrv - ok
00:47:48.0734 2076 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
00:47:48.0734 2076 audstub - ok
00:47:48.0843 2076 [ FE4ED785396EAA554C561992106A35FA ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
00:47:48.0890 2076 BCM43XX - ok
00:47:48.0921 2076 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
00:47:48.0921 2076 Beep - ok
00:47:48.0984 2076 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
00:47:49.0000 2076 BITS - ok
00:47:49.0046 2076 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
00:47:49.0062 2076 cbidf - ok
00:47:49.0078 2076 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
00:47:49.0078 2076 cbidf2k - ok
00:47:49.0125 2076 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
00:47:49.0125 2076 CCDECODE - ok
00:47:49.0140 2076 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
00:47:49.0140 2076 cd20xrnt - ok
00:47:49.0187 2076 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
00:47:49.0187 2076 Cdaudio - ok
00:47:49.0218 2076 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
00:47:49.0234 2076 Cdfs - ok
00:47:49.0265 2076 [ 4B0A100EAF5C49EF3CCA8C641431EACC ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
00:47:49.0265 2076 Cdrom - ok
00:47:49.0281 2076 Changer - ok
00:47:49.0312 2076 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
00:47:49.0312 2076 CiSvc - ok
00:47:49.0343 2076 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
00:47:49.0343 2076 ClipSrv - ok
00:47:49.0390 2076 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:47:49.0437 2076 clr_optimization_v2.0.50727_32 - ok
00:47:49.0468 2076 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
00:47:49.0468 2076 CmBatt - ok
00:47:49.0515 2076 [ 964D0F042ACA51D5644779EB9D9EE40F ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
00:47:49.0531 2076 CmdIde - ok
00:47:49.0531 2076 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
00:47:49.0546 2076 Compbatt - ok
00:47:49.0562 2076 COMSysApp - ok
00:47:49.0593 2076 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
00:47:49.0609 2076 Cpqarray - ok
00:47:49.0656 2076 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
00:47:49.0656 2076 CryptSvc - ok
00:47:49.0671 2076 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
00:47:49.0687 2076 dac2w2k - ok
00:47:49.0703 2076 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
00:47:49.0703 2076 dac960nt - ok
00:47:49.0765 2076 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
00:47:49.0781 2076 DcomLaunch - ok
00:47:49.0812 2076 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
00:47:49.0828 2076 Dhcp - ok
00:47:49.0859 2076 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
00:47:49.0859 2076 Disk - ok
00:47:49.0921 2076 [ 08D30AF92C270F2E76787C81589DBAD6 ] DKbFltr C:\WINDOWS\system32\DRIVERS\DKbFltr.sys
00:47:49.0921 2076 DKbFltr - ok
00:47:49.0937 2076 dmadmin - ok
00:47:49.0984 2076 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
00:47:50.0015 2076 dmboot - ok
00:47:50.0031 2076 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
00:47:50.0031 2076 dmio - ok
00:47:50.0062 2076 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
00:47:50.0062 2076 dmload - ok
00:47:50.0093 2076 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
00:47:50.0093 2076 dmserver - ok
00:47:50.0140 2076 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
00:47:50.0140 2076 DMusic - ok
00:47:50.0187 2076 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
00:47:50.0203 2076 Dnscache - ok
00:47:50.0234 2076 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
00:47:50.0234 2076 Dot3svc - ok
00:47:50.0281 2076 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
00:47:50.0281 2076 dpti2o - ok
00:47:50.0375 2076 [ 5C918D413F5837E67A85775C9873775E ] DritekPortIO C:\PROGRA~1\LAUNCH~1\DPortIO.sys
00:47:50.0453 2076 DritekPortIO - ok
00:47:50.0484 2076 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
00:47:50.0484 2076 drmkaud - ok
00:47:50.0546 2076 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
00:47:50.0546 2076 EapHost - ok
00:47:50.0578 2076 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
00:47:50.0578 2076 ERSvc - ok
00:47:50.0640 2076 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
00:47:50.0656 2076 Eventlog - ok
00:47:50.0687 2076 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
00:47:50.0687 2076 EventSystem - ok
00:47:50.0750 2076 [ 3AED3B6B78F3506E363A4B64B7309568 ] ewusbnet C:\WINDOWS\system32\DRIVERS\ewusbnet.sys
00:47:50.0750 2076 ewusbnet - ok
00:47:50.0812 2076 [ 57C171EA22F0A7F068FCB0CAEDD1E8E7 ] ew_hwusbdev C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys
00:47:50.0812 2076 ew_hwusbdev - ok
00:47:50.0875 2076 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
00:47:50.0875 2076 Fastfat - ok
00:47:50.0937 2076 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
00:47:50.0953 2076 FastUserSwitchingCompatibility - ok
00:47:51.0015 2076 [ 2CD14C70D1D81AF054AA5ED8024DCAE6 ] Fax C:\WINDOWS\system32\fxssvc.exe
00:47:51.0015 2076 Fax - ok
00:47:51.0031 2076 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
00:47:51.0031 2076 Fdc - ok
00:47:51.0093 2076 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
00:47:51.0093 2076 Fips - ok
00:47:51.0109 2076 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
00:47:51.0109 2076 Flpydisk - ok
00:47:51.0156 2076 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
00:47:51.0156 2076 FltMgr - ok
00:47:51.0218 2076 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
00:47:51.0218 2076 FontCache3.0.0.0 - ok
00:47:51.0234 2076 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
00:47:51.0234 2076 Fs_Rec - ok
00:47:51.0250 2076 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
00:47:51.0250 2076 Ftdisk - ok
00:47:51.0359 2076 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
00:47:51.0359 2076 GoogleDesktopManager-051210-111108 - ok
00:47:51.0421 2076 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
00:47:51.0421 2076 Gpc - ok
00:47:51.0484 2076 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
00:47:51.0484 2076 gupdate - ok
00:47:51.0500 2076 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
00:47:51.0500 2076 gupdatem - ok
00:47:51.0546 2076 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
00:47:51.0546 2076 gusvc - ok
00:47:51.0609 2076 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
00:47:51.0625 2076 HDAudBus - ok
00:47:51.0703 2076 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
00:47:51.0703 2076 helpsvc - ok
00:47:51.0734 2076 [ 00E25EE90166B3E1BE6E74AEBF858306 ] HidServ C:\WINDOWS\System32\hidserv.dll
00:47:51.0734 2076 HidServ - ok
00:47:51.0781 2076 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
00:47:51.0781 2076 HidUsb - ok
00:47:51.0828 2076 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
00:47:51.0843 2076 hkmsvc - ok
00:47:51.0906 2076 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
00:47:51.0906 2076 hpn - ok
00:47:51.0968 2076 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
00:47:51.0968 2076 HTTP - ok
00:47:52.0000 2076 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
00:47:52.0015 2076 HTTPFilter - ok
00:47:52.0078 2076 [ 4183BE439981BBC77EF2C1D66629F124 ] Huawei C:\WINDOWS\system32\DRIVERS\ewdcsc.sys
00:47:52.0078 2076 Huawei - ok
00:47:52.0140 2076 [ 033CF42B457366CFA1F8C669C5E30233 ] huawei_enumerator C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys
00:47:52.0156 2076 huawei_enumerator - ok
00:47:52.0203 2076 [ 90CF9FDF55B12BCCD69CA1C3C9DC6ADB ] hwdatacard C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
00:47:52.0218 2076 hwdatacard - ok
00:47:52.0265 2076 [ B93D3C81EF1D372DC5BD5E6275362E1A ] hwusbfake C:\WINDOWS\system32\DRIVERS\ewusbfake.sys
00:47:52.0281 2076 hwusbfake - ok
00:47:52.0343 2076 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
00:47:52.0343 2076 i2omgmt - ok
00:47:52.0375 2076 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
00:47:52.0375 2076 i2omp - ok
00:47:52.0421 2076 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
00:47:52.0437 2076 i8042prt - ok
00:47:52.0531 2076 [ CB686F44BF955EA02520710A56874FA4 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
00:47:52.0546 2076 IAANTMON - ok
00:47:52.0781 2076 [ 48846B31BE5A4FA662CCFDE7A1BA86B9 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
00:47:53.0000 2076 ialm - ok
00:47:53.0046 2076 [ DB0CC620B27A928D968C1A1E9CD9CB87 ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys
00:47:53.0062 2076 iaStor - ok
00:47:53.0171 2076 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
00:47:53.0203 2076 idsvc - ok
00:47:53.0250 2076 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
00:47:53.0265 2076 Imapi - ok
00:47:53.0312 2076 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
00:47:53.0312 2076 ImapiService - ok
00:47:53.0359 2076 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
00:47:53.0359 2076 ini910u - ok
00:47:53.0375 2076 int15.sys - ok
00:47:53.0578 2076 [ CB1113029FAE50C685198EABD9885161 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
00:47:53.0765 2076 IntcAzAudAddService - ok
00:47:53.0812 2076 [ 57D928E548B38502ABBA7A77A6EB7312 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
00:47:53.0812 2076 IntelIde - ok
00:47:53.0828 2076 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
00:47:53.0828 2076 intelppm - ok
00:47:53.0875 2076 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
00:47:53.0875 2076 Ip6Fw - ok
00:47:53.0906 2076 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
00:47:53.0921 2076 IpFilterDriver - ok
00:47:53.0953 2076 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
00:47:53.0953 2076 IpInIp - ok
00:47:54.0000 2076 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
00:47:54.0000 2076 IpNat - ok
00:47:54.0046 2076 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
00:47:54.0046 2076 IPSec - ok
00:47:54.0078 2076 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
00:47:54.0078 2076 IRENUM - ok
00:47:54.0156 2076 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
00:47:54.0156 2076 isapnp - ok
00:47:54.0234 2076 [ 39133291CB607BDD87CFC565A4A1E7A5 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
00:47:54.0234 2076 JavaQuickStarterService - ok
00:47:54.0281 2076 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
00:47:54.0281 2076 Kbdclass - ok
00:47:54.0328 2076 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
00:47:54.0328 2076 kbdhid - ok
00:47:54.0375 2076 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
00:47:54.0390 2076 kmixer - ok
00:47:54.0437 2076 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
00:47:54.0468 2076 KSecDD - ok
00:47:54.0531 2076 [ 6C8658587E91EA25B0FD2E71781AD228 ] L1c C:\WINDOWS\system32\DRIVERS\l1c51x86.sys
00:47:54.0531 2076 L1c - ok
00:47:54.0578 2076 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
00:47:54.0593 2076 LanmanServer - ok
00:47:54.0593 2076 lbrtfdc - ok
00:47:54.0656 2076 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
00:47:54.0656 2076 LmHosts - ok
00:47:54.0750 2076 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
00:47:54.0750 2076 Microsoft Office Groove Audit Service - ok
00:47:54.0812 2076 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
00:47:54.0812 2076 mnmdd - ok
00:47:54.0843 2076 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
00:47:54.0875 2076 mnmsrvc - ok
00:47:54.0906 2076 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
00:47:54.0921 2076 Modem - ok
00:47:55.0000 2076 [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5 ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
00:47:55.0031 2076 Monfilt - ok
00:47:55.0078 2076 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
00:47:55.0078 2076 Mouclass - ok
00:47:55.0125 2076 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
00:47:55.0140 2076 mouhid - ok
00:47:55.0171 2076 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
00:47:55.0171 2076 MountMgr - ok
00:47:55.0218 2076 [ D993BEA500E7382DC4E760BF4F35EFCB ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys
00:47:55.0218 2076 MpFilter - ok
00:47:55.0265 2076 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
00:47:55.0281 2076 mraid35x - ok
00:47:55.0312 2076 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
00:47:55.0312 2076 MRxDAV - ok
00:47:55.0343 2076 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
00:47:55.0359 2076 MSDTC - ok
00:47:55.0375 2076 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
00:47:55.0375 2076 Msfs - ok
00:47:55.0390 2076 MSIServer - ok
00:47:55.0421 2076 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
00:47:55.0421 2076 MSKSSRV - ok
00:47:55.0500 2076 [ 24516BF4E12A46CB67302E2CDCB8CDDF ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
00:47:55.0500 2076 MsMpSvc - ok
00:47:55.0546 2076 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
00:47:55.0546 2076 MSPCLOCK - ok
00:47:55.0578 2076 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
00:47:55.0578 2076 MSPQM - ok
00:47:55.0625 2076 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
00:47:55.0625 2076 mssmbios - ok
00:47:55.0656 2076 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
00:47:55.0656 2076 MSTEE - ok
00:47:55.0703 2076 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
00:47:55.0703 2076 Mup - ok
00:47:55.0734 2076 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
00:47:55.0734 2076 NABTSFEC - ok
00:47:55.0781 2076 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
00:47:55.0796 2076 napagent - ok
00:47:55.0828 2076 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
00:47:55.0843 2076 NDIS - ok
00:47:55.0875 2076 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
00:47:55.0875 2076 NdisIP - ok
00:47:55.0921 2076 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
00:47:55.0921 2076 NdisTapi - ok
00:47:55.0968 2076 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
00:47:55.0968 2076 Ndisuio - ok
00:47:55.0984 2076 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
00:47:56.0000 2076 NdisWan - ok
00:47:56.0046 2076 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
00:47:56.0046 2076 NDProxy - ok
00:47:56.0093 2076 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
00:47:56.0109 2076 NetBT - ok
00:47:56.0125 2076 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
00:47:56.0140 2076 NetDDE - ok
00:47:56.0140 2076 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
00:47:56.0156 2076 NetDDEdsdm - ok
00:47:56.0187 2076 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
00:47:56.0203 2076 Netman - ok
00:47:56.0265 2076 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:47:56.0265 2076 NetTcpPortSharing - ok
00:47:56.0328 2076 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
00:47:56.0343 2076 Nla - ok
00:47:56.0375 2076 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
00:47:56.0375 2076 Npfs - ok
00:47:56.0421 2076 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
00:47:56.0453 2076 Ntfs - ok
00:47:56.0515 2076 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
00:47:56.0531 2076 NtmsSvc - ok
00:47:56.0578 2076 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
00:47:56.0578 2076 Null - ok
00:47:56.0593 2076 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
00:47:56.0609 2076 NwlnkFlt - ok
00:47:56.0625 2076 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
00:47:56.0625 2076 NwlnkFwd - ok
00:47:56.0734 2076 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:47:56.0750 2076 odserv - ok
00:47:56.0781 2076 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:47:56.0796 2076 ose - ok
00:47:56.0859 2076 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\drivers\Parport.sys
00:47:56.0859 2076 Parport - ok
00:47:56.0906 2076 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
00:47:56.0921 2076 PartMgr - ok
00:47:56.0953 2076 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
00:47:56.0953 2076 ParVdm - ok
00:47:56.0953 2076 PCASp50 - ok
00:47:57.0015 2076 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
00:47:57.0156 2076 pccsmcfd - ok
00:47:57.0187 2076 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
00:47:57.0203 2076 PCI - ok
00:47:57.0218 2076 PCIDump - ok
00:47:57.0218 2076 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
00:47:57.0234 2076 PCIIde - ok
00:47:57.0265 2076 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
00:47:57.0265 2076 Pcmcia - ok
00:47:57.0281 2076 PDCOMP - ok
00:47:57.0296 2076 PDFRAME - ok
00:47:57.0312 2076 PDRELI - ok
00:47:57.0312 2076 PDRFRAME - ok
00:47:57.0328 2076 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
00:47:57.0343 2076 perc2 - ok
00:47:57.0343 2076 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
00:47:57.0359 2076 perc2hib - ok
00:47:57.0406 2076 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
00:47:57.0421 2076 PlugPlay - ok
00:47:57.0453 2076 [ 0E01D7EEBADA0B324DB0CA1EE73440BA ] PnkBstrA C:\WINDOWS\system32\PnkBstrA.exe
00:47:57.0453 2076 PnkBstrA - ok
00:47:57.0484 2076 [ 1428E6CC1458A36CBFC1F2E304C7C42D ] PnkBstrB C:\WINDOWS\system32\PnkBstrB.exe
00:47:57.0500 2076 PnkBstrB - ok
00:47:57.0531 2076 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
00:47:57.0531 2076 PolicyAgent - ok
00:47:57.0562 2076 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
00:47:57.0562 2076 PptpMiniport - ok
00:47:57.0562 2076 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
00:47:57.0578 2076 ProtectedStorage - ok
00:47:57.0593 2076 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
00:47:57.0593 2076 PSched - ok
00:47:57.0609 2076 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
00:47:57.0609 2076 Ptilink - ok
00:47:57.0625 2076 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
00:47:57.0625 2076 ql1080 - ok
00:47:57.0656 2076 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
00:47:57.0656 2076 Ql10wnt - ok
00:47:57.0687 2076 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
00:47:57.0687 2076 ql12160 - ok
00:47:57.0703 2076 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
00:47:57.0703 2076 ql1240 - ok
00:47:57.0718 2076 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
00:47:57.0718 2076 ql1280 - ok
00:47:57.0750 2076 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
00:47:57.0750 2076 RasAcd - ok
00:47:57.0796 2076 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
00:47:57.0812 2076 RasAuto - ok
00:47:57.0843 2076 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
00:47:57.0843 2076 Rasl2tp - ok
00:47:57.0875 2076 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
00:47:57.0875 2076 RasMan - ok
00:47:57.0890 2076 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
00:47:57.0890 2076 RasPppoe - ok
00:47:57.0937 2076 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
00:47:57.0937 2076 Raspti - ok
00:47:57.0953 2076 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
00:47:57.0953 2076 RDPCDD - ok
00:47:58.0000 2076 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
00:47:58.0000 2076 rdpdr - ok
00:47:58.0046 2076 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
00:47:58.0046 2076 RDPWD - ok
00:47:58.0078 2076 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
00:47:58.0093 2076 RDSessMgr - ok
00:47:58.0140 2076 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
00:47:58.0140 2076 redbook - ok
00:47:58.0187 2076 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
00:47:58.0187 2076 RemoteAccess - ok
00:47:58.0234 2076 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
00:47:58.0250 2076 RpcSs - ok
00:47:58.0296 2076 [ 7FFA9821B1C5E0E0667E0A2685CFB89F ] RSUSBSTOR C:\WINDOWS\system32\Drivers\RtsUStor.sys
00:47:58.0312 2076 RSUSBSTOR - ok
00:47:58.0375 2076 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
00:47:58.0375 2076 RSVP - ok
00:47:58.0468 2076 [ 8E250687E5F020CD337CC9D8252C0B56 ] RS_Service C:\Program Files\Acer\Acer VCM\RS_Service.exe
00:47:58.0468 2076 RS_Service - ok
00:47:58.0484 2076 Rts516xIR - ok
00:47:58.0515 2076 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
00:47:58.0515 2076 SamSs - ok
00:47:58.0515 2076 SBRE - ok
00:47:58.0578 2076 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
00:47:58.0593 2076 SCardSvr - ok
00:47:58.0625 2076 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
00:47:58.0640 2076 Schedule - ok
00:47:58.0671 2076 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
00:47:58.0671 2076 Secdrv - ok
00:47:58.0703 2076 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
00:47:58.0703 2076 seclogon - ok
00:47:58.0718 2076 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
00:47:58.0718 2076 SENS - ok
00:47:58.0734 2076 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
00:47:58.0734 2076 Serial - ok
00:47:58.0828 2076 [ C15B813F2FDB44F87F23312472C6E790 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
00:47:58.0843 2076 ServiceLayer - ok
00:47:58.0921 2076 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
00:47:58.0921 2076 Sfloppy - ok
00:47:58.0984 2076 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
00:47:59.0000 2076 SharedAccess - ok
00:47:59.0015 2076 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
00:47:59.0015 2076 ShellHWDetection - ok
00:47:59.0031 2076 Simbad - ok
00:47:59.0093 2076 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
00:47:59.0093 2076 sisagp - ok
00:47:59.0156 2076 [ C70AEBD3608ED9FCEA2A1BAE83567FFC ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
00:47:59.0156 2076 SkypeUpdate - ok
00:47:59.0203 2076 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
00:47:59.0203 2076 SLIP - ok
00:47:59.0328 2076 [ C792610F7D2009352721C1AE38DA0619 ] SNP2UVC C:\WINDOWS\system32\DRIVERS\snp2uvc.sys
00:47:59.0390 2076 SNP2UVC - ok
00:47:59.0453 2076 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
00:47:59.0453 2076 Sparrow - ok
00:47:59.0500 2076 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
00:47:59.0500 2076 splitter - ok
00:47:59.0546 2076 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
00:47:59.0546 2076 Spooler - ok
00:47:59.0593 2076 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
00:47:59.0593 2076 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
00:47:59.0609 2076 sptd ( LockedFile.Multi.Generic ) - warning
00:47:59.0609 2076 sptd - detected LockedFile.Multi.Generic (1)
00:47:59.0625 2076 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
00:47:59.0625 2076 sr - ok
00:47:59.0687 2076 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
00:47:59.0703 2076 srservice - ok
00:47:59.0750 2076 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
00:47:59.0765 2076 Srv - ok
00:47:59.0781 2076 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
00:47:59.0796 2076 SSDPSRV - ok
00:47:59.0828 2076 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
00:47:59.0843 2076 stisvc - ok
00:47:59.0875 2076 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
00:47:59.0875 2076 streamip - ok
00:47:59.0921 2076 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
00:47:59.0921 2076 swenum - ok
00:47:59.0984 2076 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
00:47:59.0984 2076 swmidi - ok
00:48:00.0000 2076 SwPrv - ok
00:48:00.0046 2076 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
00:48:00.0046 2076 symc810 - ok
00:48:00.0062 2076 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
00:48:00.0062 2076 symc8xx - ok
00:48:00.0078 2076 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
00:48:00.0078 2076 sym_hi - ok
00:48:00.0093 2076 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
00:48:00.0093 2076 sym_u3 - ok
00:48:00.0140 2076 [ 5C3E900F41426A372DE60675AFC8AA07 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
00:48:00.0140 2076 SynTP - ok
00:48:00.0156 2076 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
00:48:00.0171 2076 sysaudio - ok
00:48:00.0218 2076 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
00:48:00.0218 2076 SysmonLog - ok
00:48:00.0265 2076 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
00:48:00.0265 2076 TapiSrv - ok
00:48:00.0328 2076 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
00:48:00.0343 2076 Tcpip - ok
00:48:00.0390 2076 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
00:48:00.0390 2076 TDPIPE - ok
00:48:00.0406 2076 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
00:48:00.0406 2076 TDTCP - ok
00:48:00.0453 2076 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
00:48:00.0468 2076 TermDD - ok
00:48:00.0531 2076 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
00:48:00.0546 2076 TermService - ok
00:48:00.0578 2076 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
00:48:00.0578 2076 Themes - ok
00:48:00.0625 2076 [ FD4FD7D6FDA5C019ED86025D7BE1510F ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
00:48:00.0640 2076 TosIde - ok
00:48:00.0671 2076 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
00:48:00.0671 2076 TrkWks - ok
00:48:00.0703 2076 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
00:48:00.0703 2076 Udfs - ok
00:48:00.0718 2076 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
00:48:00.0718 2076 ultra - ok
00:48:00.0765 2076 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
00:48:00.0765 2076 Update - ok
00:48:00.0812 2076 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
00:48:00.0812 2076 upnphost - ok
00:48:00.0859 2076 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
00:48:00.0859 2076 UPS - ok
00:48:00.0906 2076 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
00:48:00.0906 2076 usbaudio - ok
00:48:00.0953 2076 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
00:48:00.0953 2076 usbccgp - ok
00:48:00.0968 2076 USBCCID - ok
00:48:01.0015 2076 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
00:48:01.0015 2076 usbehci - ok
00:48:01.0062 2076 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
00:48:01.0062 2076 usbhub - ok
00:48:01.0109 2076 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
00:48:01.0109 2076 usbscan - ok
00:48:01.0140 2076 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\drivers\usbser.sys
00:48:01.0140 2076 usbser - ok
00:48:01.0203 2076 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
00:48:01.0203 2076 USBSTOR - ok
00:48:01.0265 2076 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
00:48:01.0265 2076 usbuhci - ok
00:48:01.0296 2076 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
00:48:01.0296 2076 usbvideo - ok
00:48:01.0343 2076 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
00:48:01.0343 2076 VgaSave - ok
00:48:01.0406 2076 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
00:48:01.0406 2076 viaagp - ok
00:48:01.0421 2076 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
00:48:01.0421 2076 ViaIde - ok
00:48:01.0437 2076 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
00:48:01.0437 2076 VolSnap - ok
00:48:01.0484 2076 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
00:48:01.0484 2076 VSS - ok
00:48:01.0515 2076 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
00:48:01.0531 2076 W32Time - ok
00:48:01.0593 2076 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
00:48:01.0609 2076 Wanarp - ok
00:48:01.0671 2076 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
00:48:01.0687 2076 Wdf01000 - ok
00:48:01.0687 2076 WDICA - ok
00:48:01.0734 2076 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
00:48:01.0750 2076 wdmaud - ok
00:48:01.0781 2076 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
00:48:01.0796 2076 WebClient - ok
00:48:01.0859 2076 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
00:48:01.0859 2076 winmgmt - ok
00:48:01.0921 2076 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
00:48:01.0937 2076 WmdmPmSN - ok
00:48:01.0953 2076 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
00:48:01.0984 2076 WmiAcpi - ok
00:48:02.0031 2076 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
00:48:02.0031 2076 WmiApSrv - ok
00:48:02.0140 2076 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
00:48:02.0156 2076 WMPNetworkSvc - ok
00:48:02.0187 2076 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
00:48:02.0187 2076 WpdUsb - ok
00:48:02.0250 2076 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
00:48:02.0250 2076 wscsvc - ok
00:48:02.0312 2076 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
00:48:02.0312 2076 WSTCODEC - ok
00:48:02.0343 2076 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
00:48:02.0343 2076 wuauserv - ok
00:48:02.0406 2076 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
00:48:02.0406 2076 WudfPf - ok
00:48:02.0453 2076 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
00:48:02.0453 2076 WudfRd - ok
00:48:02.0484 2076 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
00:48:02.0515 2076 WudfSvc - ok
00:48:02.0593 2076 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
00:48:02.0609 2076 WZCSVC - ok
00:48:02.0640 2076 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
00:48:02.0671 2076 xmlprov - ok
00:48:02.0687 2076 ================ Scan global ===============================
00:48:02.0718 2076 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
00:48:02.0750 2076 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
00:48:02.0781 2076 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
00:48:02.0812 2076 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
00:48:02.0812 2076 [Global] - ok
00:48:02.0812 2076 ================ Scan MBR ==================================
00:48:02.0843 2076 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
00:48:03.0625 2076 \Device\Harddisk0\DR0 - ok
00:48:03.0640 2076 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR3
00:48:04.0000 2076 \Device\Harddisk1\DR3 - ok
00:48:04.0000 2076 ================ Scan VBR ==================================
00:48:04.0000 2076 [ 7122C2C9C972E98029B6ABAD79F81AE0 ] \Device\Harddisk0\DR0\Partition1
00:48:04.0000 2076 \Device\Harddisk0\DR0\Partition1 - ok
00:48:04.0015 2076 [ 87AAAEBDCCA1DA9B4757A3FDEED7DEAF ] \Device\Harddisk1\DR3\Partition1
00:48:04.0031 2076 \Device\Harddisk1\DR3\Partition1 - ok
00:48:04.0031 2076 ============================================================
00:48:04.0031 2076 Scan finished
00:48:04.0031 2076 ============================================================
00:48:04.0046 3632 Detected object count: 1
00:48:04.0046 3632 Actual detected object count: 1
00:48:30.0203 3632 C:\WINDOWS\system32\Drivers\sptd.sys - copied to quarantine
00:48:30.0593 3632 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted on reboot
00:48:30.0609 3632 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted on reboot
00:48:30.0656 3632 C:\WINDOWS\system32\Drivers\sptd.sys - will be deleted on reboot
00:48:30.0656 3632 sptd ( LockedFile.Multi.Generic ) - User select action: Delete

[jaro3]

Restartuj , pak znovu TDSSKiller , po něm Combofix.

[lukas81]

Takže TDSSKiller nenašel nic. Combofix proběhl,ale podle toho co jsem si přečetl tak bez "konzole pro zotavení" nemohl odstranit viry které jsou hluboko uložené. Jak si můžu dát do počítače konzoli pro zotavení? Kombo mi to nabídl,ale i když jsem dal ano na stáhnutí tak to nestáhl kvůli nějaké chybě. Tady je log z Comba

ComboFix 12-08-22.03 - Kacenka 23.08.2012 13:08:09.1.2 - x86
Spuštěný z: c:\documents and settings\Kacenka\Plocha\ComboFix.exe
* Vytvořen nový Bod Obnovení
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Kacenka\WINDOWS
C:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-23 do 2012-08-23 )))))))))))))))))))))))))))))))
.
.
2012-08-23 10:41 . 2012-08-01 22:51 7023536 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{FADB2475-62EF-48C8-9DF4-E05705F301C1}\mpengine.dll
2012-08-22 22:48 . 2012-08-22 22:48 -------- d-----w- C:\TDSSKiller_Quarantine
2012-08-22 22:47 . 2012-08-22 22:47 177496 ----a-w- c:\windows\system32\drivers\24193403.sys
2012-08-22 08:11 . 2012-08-22 08:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-08-22 08:11 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-22 08:03 . 2012-08-01 22:51 7023536 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-08-21 18:21 . 2012-08-21 18:21 388096 ----a-r- c:\documents and settings\Kacenka\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-08-21 18:21 . 2012-08-21 18:21 -------- d-----w- c:\program files\Trend Micro
2012-08-21 18:06 . 2012-08-21 18:06 -------- d-----w- c:\documents and settings\All Users\Data aplikací\GFI Software
2012-08-21 08:45 . 2012-08-21 08:45 -------- d-----w- c:\documents and settings\LocalService\Data aplikací\Ad-Aware Antivirus
2012-08-21 08:44 . 2012-08-21 08:44 -------- d-----w- c:\documents and settings\Kacenka\Local Settings\Data aplikací\adaware
2012-08-21 08:44 . 2012-08-23 11:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Ad-Aware Browsing Protection
2012-08-21 08:44 . 2012-08-21 08:44 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Lavasoft
2012-08-21 08:43 . 2012-08-21 18:06 -------- d-----w- c:\program files\Ad-Aware Antivirus
2012-08-21 08:41 . 2012-08-21 08:51 -------- d-----w- c:\documents and settings\Kacenka\Data aplikací\Ad-Aware Antivirus
2012-08-19 22:39 . 2012-08-19 22:39 -------- d-----w- c:\documents and settings\Kacenka\Local Settings\Data aplikací\Opera
2012-08-19 22:38 . 2012-08-19 22:39 -------- d-----w- c:\program files\Opera
2012-08-12 21:03 . 2012-08-12 21:04 -------- d-----w- c:\program files\Common Files\Adobe
2012-08-02 10:38 . 2012-08-02 10:38 -------- d-----w- c:\program files\Blue Byte
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-15 10:42 . 2012-05-04 19:41 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-15 10:42 . 2011-05-19 12:32 70344 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-06 13:58 . 2009-03-16 19:01 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05 . 2009-03-16 10:14 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 18:22 . 2009-03-16 19:01 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-03 14:59 . 2009-03-16 19:01 832512 ----a-w- c:\windows\system32\wininet.dll
2012-07-03 14:59 . 2009-03-16 19:01 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2012-07-03 14:59 . 2009-03-16 19:01 78336 ----a-w- c:\windows\system32\ieencode.dll
2012-07-03 14:59 . 2009-03-16 19:01 17408 ----a-w- c:\windows\system32\corpol.dll
2012-06-06 18:59 . 2012-06-06 18:59 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-05 15:49 . 2009-03-16 19:01 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:49 . 2009-03-16 19:01 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2009-03-16 19:01 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2008-10-16 12:07 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2008-10-16 12:08 22552 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2009-03-16 10:15 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2009-03-16 10:15 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2009-03-16 10:15 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2009-03-16 19:01 97304 -c--a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2009-03-16 10:15 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2009-03-16 10:15 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2008-10-16 12:09 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2008-10-16 12:07 15384 -c--a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2008-10-16 12:07 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2009-03-16 10:15 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2009-03-16 10:15 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 13:19 . 2011-03-05 09:07 17648 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 13:18 . 2011-03-05 09:07 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 13:18 . 2011-03-05 09:07 214256 ----a-w- c:\windows\system32\muweb.dll
2012-05-31 13:22 . 2009-03-16 19:01 602112 ----a-w- c:\windows\system32\crypt32.dll
2010-08-06 12:53 . 2010-02-13 15:19 119808 -c--a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-15 178712]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-28 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-28 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-28 137752]
"RTHDCPL"="RTHDCPL.EXE" [2009-02-24 17529856]
"AzMixerSel"="c:\program files\Realtek\Audio\Drivers\AzMixerSel.exe" [2006-01-25 53248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-02-05 1430824]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-12-30 875016]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-06 30192]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"snp2uvc"="c:\windows\system32\csnp2uvc.dll" [2009-02-16 196608]
"PLFSetL"="c:\windows\PLFSetL.exe" [2008-07-03 94208]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
"Ad-Aware Browsing Protection"="c:\documents and settings\All Users\Data aplikací\Ad-Aware Browsing Protection\adawarebp.exe" [2011-10-21 198032]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2009-3-16 565248]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\Acer\\Acer VCM\\VC.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Opera\\pluginwrapper\\opera_plugin_wrapper.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
.
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 Huawei;Vodafone Mobile Broadband - USB Smart Card Reader (Huawei);c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [x]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\l1c51x86.sys [x]
R3 Rts516xIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
S2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-04 10:43]
.
2012-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-07 20:27]
.
2012-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-07 20:27]
.
2012-08-23 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google...
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-29985609.sys
SafeBoot-Wdf01000.sys
SafeBoot-mcmscsvc
SafeBoot-MCODS
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-23 13:16
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2392)
c:\documents and settings\All Users\Data aplikací\Ad-Aware Browsing Protection\adawarebp.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\igfxext.exe
.
**************************************************************************
.
Celkový čas: 2012-08-23 13:20:55 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-08-23 11:20
.
Před spuštěním: Volných bajtů: 96 200 196 096
Po spuštění: Volných bajtů: 96 175 329 280
.
- - End Of File - - ABD84270821E70F74E525A0323A88542

[jaro3]

Takže TDSSKiller nenašel nic. Combofix proběhl,ale podle toho co jsem si přečetl tak bez "konzole pro zotavení" nemohl odstranit viry které jsou hluboko uložené. Jak si můžu dát do počítače konzoli pro zotavení? Kombo mi to nabídl,ale i když jsem dal ano na stáhnutí tak to nestáhl kvůli nějaké chybě. Tady je log z Comba

na winXP by měla jít nainstalovat ta konzole...

Stáhni si Security Check by screen317 z některého odkazu
http://screen317.spywareinfoforum.org/SecurityCheck.exe
http://screen317.changelog.fr/SecurityCheck.exe

ulož si ho na plochu, poklepej na něj a postupuj podle instrukcí v černém okně. Potom se automaticky otevře pozn. Blok, bude mít název checkup.txt. Jeho obsah sem prosím zkopíruj.

[lukas81]

Asi nemáš odkaz na tu konzoli?

Results of screen317's Security Check version 0.99.46
Windows XP Service Pack 3 x86
Internet Explorer 7 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Microsoft Security Essentials
`````````Anti-malware/Other Utilities Check:`````````
Ad-Aware
Malwarebytes Anti-Malware verze 1.62.0.1300
CCleaner
Java(TM) 6 Update 17
Java version out of Date!
Adobe Flash Player 11.3.300.271
Adobe Reader 9 Adobe Reader out of Date!
Adobe Reader X (10.1.4)
Google Chrome 21.0.1180.79
Google Chrome 21.0.1180.83
````````Process Check: objlist.exe by Laurent````````
Ad-Aware AAWService.exe is disabled!
Ad-Aware AAWTray.exe is disabled!
`````````````````System Health check`````````````````
Total Fragmentation on Drive C::
````````````````````End of Log``````````````````````

[jaro3]

http://support.microsoft.com/kb/307654/cs

http://support.microsoft.com/kb/307654/cs#howtouserc

Odinstaluj:
Ad-Aware

co je v logu červené aktualizuj

Aktualizuj javu:
Java SE Runtime Environment 7

Klikni na Accept License Agreement
Vyber si OS (Windows nebo Windows x64, Offline Installation)
jre-7-windows-i586-p.exe nebo
jre-7-windows-x64.exe
Stáhni ( download) a nainstaluj.
Ostatní javy odeber v přidat/odebrat programy.