Prosím o kontrolu Vyřešeno

[Pic]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:39:04, on 2.9.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
D:\DU Meter\DUMeter.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\vVX1000.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\totalcmd\TOTALCMD.EXE
E:\STAH\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [DU Meter] D:\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk.disabled
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 3873 bytes

Děkuji!

[Reklama]

[Pic]

UP

[Žbeky]

Problémy?

Fixni:

Kód: Vybrat vše

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - Global Startup: Adobe Reader Speed Launch.lnk.disabled

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.

[Pic]

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Verze databáze: v2012.09.03.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Petr :: KOCOUR-491AC2D7 [administrátor]

3.9.2012 18:42:51
mbam-log-2012-09-03 (18-48-05).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 293943
Uplynulý čas: 4 minut, 52 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 1
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Žádná instrukce nebyla provedena.

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)
Díky za pomoc!

[memphisto]

Nějaké problémy?

[Pic]

Problém je v tom, že při spuštění PC sice naběhne PC, ale občas je nepřístupná spodní lišta. To se stává jen občas a pokud je připojen v PC síťový kabel. Jinak bez kabelu vše naběhne OK.

[jaro3]

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[Pic]

Tady první log.
13:38:27.0453 1804 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
13:38:29.0453 1804 ============================================================
13:38:29.0453 1804 Current date / time: 2012/09/04 13:38:29.0453
13:38:29.0453 1804 SystemInfo:
13:38:29.0453 1804
13:38:29.0453 1804 OS Version: 5.1.2600 ServicePack: 3.0
13:38:29.0453 1804 Product type: Workstation
13:38:29.0453 1804 ComputerName: KOCOUR-491AC2D7
13:38:29.0453 1804 UserName: Petr
13:38:29.0453 1804 Windows directory: C:\WINDOWS
13:38:29.0453 1804 System windows directory: C:\WINDOWS
13:38:29.0453 1804 Processor architecture: Intel x86
13:38:29.0453 1804 Number of processors: 2
13:38:29.0453 1804 Page size: 0x1000
13:38:29.0453 1804 Boot type: Normal boot
13:38:29.0453 1804 ============================================================
13:38:30.0343 1804 Drive \Device\Harddisk0\DR0 - Size: 0x7470AFDE00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
13:38:30.0343 1804 ============================================================
13:38:30.0343 1804 \Device\Harddisk0\DR0:
13:38:30.0343 1804 MBR partitions:
13:38:30.0343 1804 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x57E52EA
13:38:30.0343 1804 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x57E5368, BlocksNum 0xEA60903
13:38:30.0359 1804 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x14245CAA, BlocksNum 0x124F6BF3
13:38:30.0375 1804 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x2673C8DC, BlocksNum 0x13C48365
13:38:30.0375 1804 ============================================================
13:38:30.0390 1804 C: <-> \Device\Harddisk0\DR0\Partition1
13:38:30.0453 1804 F: <-> \Device\Harddisk0\DR0\Partition4
13:38:30.0484 1804 E: <-> \Device\Harddisk0\DR0\Partition3
13:38:30.0562 1804 D: <-> \Device\Harddisk0\DR0\Partition2
13:38:30.0578 1804 ============================================================
13:38:30.0578 1804 Initialize success
13:38:30.0578 1804 ============================================================
13:38:42.0109 3984 ============================================================
13:38:42.0109 3984 Scan started
13:38:42.0109 3984 Mode: Manual;
13:38:42.0109 3984 ============================================================
13:38:42.0468 3984 ================ Scan system memory ========================
13:38:42.0468 3984 System memory - ok
13:38:42.0468 3984 ================ Scan services =============================
13:38:42.0562 3984 [ 0352A73CD6B1782EA3ED7A03A8268F55 ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
13:38:42.0562 3984 Aavmker4 - ok
13:38:42.0562 3984 Abiosdsk - ok
13:38:42.0562 3984 abp480n5 - ok
13:38:42.0578 3984 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
13:38:42.0578 3984 ACPI - ok
13:38:42.0609 3984 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
13:38:42.0609 3984 ACPIEC - ok
13:38:42.0609 3984 adpu160m - ok
13:38:42.0640 3984 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
13:38:42.0640 3984 aec - ok
13:38:42.0656 3984 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
13:38:42.0656 3984 AFD - ok
13:38:42.0656 3984 Aha154x - ok
13:38:42.0671 3984 aic78u2 - ok
13:38:42.0671 3984 aic78xx - ok
13:38:42.0687 3984 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
13:38:42.0687 3984 Alerter - ok
13:38:42.0687 3984 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
13:38:42.0687 3984 ALG - ok
13:38:42.0703 3984 AliIde - ok
13:38:42.0703 3984 amsint - ok
13:38:42.0750 3984 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
13:38:42.0750 3984 AppMgmt - ok
13:38:42.0765 3984 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
13:38:42.0765 3984 Arp1394 - ok
13:38:42.0765 3984 asc - ok
13:38:42.0765 3984 asc3350p - ok
13:38:42.0781 3984 asc3550 - ok
13:38:42.0843 3984 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
13:38:42.0859 3984 aspnet_state - ok
13:38:42.0875 3984 [ F5DC168BF77572D51BE28BA261B30CB4 ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
13:38:42.0875 3984 aswFsBlk - ok
13:38:42.0875 3984 [ 2B9B1DF809E965EF63402CBBA6DB50AE ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
13:38:42.0875 3984 aswMon2 - ok
13:38:42.0906 3984 [ B7D5E4486BA658ED08624D8084ABB830 ] aswRdr C:\WINDOWS\system32\drivers\aswRdr.sys
13:38:42.0906 3984 aswRdr - ok
13:38:42.0937 3984 [ 30E45AF8B4D83176CA850FC9699E860B ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
13:38:42.0937 3984 aswSnx - ok
13:38:42.0953 3984 [ F04BDBCB965C05C51F4A7DE7B62063D6 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
13:38:42.0968 3984 aswSP - ok
13:38:42.0968 3984 [ DFE9152ABFA89BB8CFDC057409B2D4DA ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
13:38:42.0968 3984 aswTdi - ok
13:38:42.0984 3984 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
13:38:42.0984 3984 AsyncMac - ok
13:38:43.0000 3984 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
13:38:43.0000 3984 atapi - ok
13:38:43.0000 3984 Atdisk - ok
13:38:43.0015 3984 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
13:38:43.0015 3984 Atmarpc - ok
13:38:43.0015 3984 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
13:38:43.0015 3984 AudioSrv - ok
13:38:43.0031 3984 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
13:38:43.0031 3984 audstub - ok
13:38:43.0078 3984 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
13:38:43.0078 3984 avast! Antivirus - ok
13:38:43.0093 3984 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
13:38:43.0093 3984 Beep - ok
13:38:43.0109 3984 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
13:38:43.0125 3984 BITS - ok
13:38:43.0156 3984 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
13:38:43.0156 3984 Browser - ok
13:38:43.0171 3984 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
13:38:43.0171 3984 cbidf2k - ok
13:38:43.0187 3984 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
13:38:43.0187 3984 CCDECODE - ok
13:38:43.0187 3984 cd20xrnt - ok
13:38:43.0203 3984 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
13:38:43.0203 3984 Cdaudio - ok
13:38:43.0203 3984 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
13:38:43.0218 3984 Cdfs - ok
13:38:43.0218 3984 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
13:38:43.0218 3984 Cdrom - ok
13:38:43.0234 3984 Changer - ok
13:38:43.0234 3984 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
13:38:43.0234 3984 CiSvc - ok
13:38:43.0250 3984 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
13:38:43.0250 3984 ClipSrv - ok
13:38:43.0281 3984 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:38:43.0281 3984 clr_optimization_v2.0.50727_32 - ok
13:38:43.0312 3984 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:38:43.0328 3984 clr_optimization_v4.0.30319_32 - ok
13:38:43.0343 3984 CmdIde - ok
13:38:43.0343 3984 COMSysApp - ok
13:38:43.0343 3984 Cpqarray - ok
13:38:43.0359 3984 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
13:38:43.0359 3984 CryptSvc - ok
13:38:43.0375 3984 [ 5776322F93CDB91086111F5FFBFDA2A0 ] d347bus C:\WINDOWS\system32\DRIVERS\d347bus.sys
13:38:43.0375 3984 d347bus - ok
13:38:43.0375 3984 [ B49F79ACE459763F4E0380071BE9CB45 ] d347prt C:\WINDOWS\system32\Drivers\d347prt.sys
13:38:43.0375 3984 d347prt - ok
13:38:43.0375 3984 dac2w2k - ok
13:38:43.0375 3984 dac960nt - ok
13:38:43.0406 3984 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
13:38:43.0406 3984 DcomLaunch - ok
13:38:43.0421 3984 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
13:38:43.0421 3984 Dhcp - ok
13:38:43.0421 3984 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
13:38:43.0421 3984 Disk - ok
13:38:43.0437 3984 dmadmin - ok
13:38:43.0453 3984 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
13:38:43.0453 3984 dmboot - ok
13:38:43.0468 3984 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
13:38:43.0468 3984 dmio - ok
13:38:43.0468 3984 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
13:38:43.0468 3984 dmload - ok
13:38:43.0484 3984 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
13:38:43.0484 3984 dmserver - ok
13:38:43.0515 3984 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
13:38:43.0515 3984 DMusic - ok
13:38:43.0546 3984 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
13:38:43.0546 3984 Dnscache - ok
13:38:43.0578 3984 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
13:38:43.0578 3984 Dot3svc - ok
13:38:43.0578 3984 dpti2o - ok
13:38:43.0593 3984 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
13:38:43.0593 3984 drmkaud - ok
13:38:43.0609 3984 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
13:38:43.0625 3984 EapHost - ok
13:38:43.0625 3984 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
13:38:43.0625 3984 ERSvc - ok
13:38:43.0640 3984 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
13:38:43.0656 3984 Eventlog - ok
13:38:43.0671 3984 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
13:38:43.0671 3984 EventSystem - ok
13:38:43.0703 3984 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
13:38:43.0703 3984 Fastfat - ok
13:38:43.0718 3984 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
13:38:43.0718 3984 FastUserSwitchingCompatibility - ok
13:38:43.0734 3984 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
13:38:43.0734 3984 Fdc - ok
13:38:43.0750 3984 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
13:38:43.0750 3984 Fips - ok
13:38:43.0765 3984 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
13:38:43.0765 3984 Flpydisk - ok
13:38:43.0781 3984 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
13:38:43.0781 3984 FltMgr - ok
13:38:43.0812 3984 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
13:38:43.0812 3984 FontCache3.0.0.0 - ok
13:38:43.0843 3984 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:38:43.0843 3984 Fs_Rec - ok
13:38:43.0843 3984 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
13:38:43.0843 3984 Ftdisk - ok
13:38:43.0859 3984 [ 5C230948DD6652228F88CA7AE6CB276C ] gdrv C:\WINDOWS\gdrv.sys
13:38:44.0484 3984 gdrv - ok
13:38:44.0500 3984 [ 77EBF3E9386DAA51551AF429052D88D0 ] giveio C:\WINDOWS\system32\giveio.sys
13:38:44.0500 3984 giveio - ok
13:38:44.0515 3984 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
13:38:44.0515 3984 Gpc - ok
13:38:44.0531 3984 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
13:38:44.0531 3984 HDAudBus - ok
13:38:44.0578 3984 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
13:38:44.0578 3984 helpsvc - ok
13:38:44.0609 3984 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
13:38:44.0609 3984 hkmsvc - ok
13:38:44.0609 3984 [ 4BAB16AFC2B0029E09C67DAA8EC722A2 ] hotcore3 C:\WINDOWS\system32\drivers\hotcore3.sys
13:38:44.0609 3984 hotcore3 - ok
13:38:44.0609 3984 hpn - ok
13:38:44.0640 3984 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
13:38:44.0640 3984 HTTP - ok
13:38:44.0671 3984 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
13:38:44.0671 3984 HTTPFilter - ok
13:38:44.0671 3984 i2omgmt - ok
13:38:44.0671 3984 i2omp - ok
13:38:44.0687 3984 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
13:38:44.0687 3984 i8042prt - ok
13:38:44.0734 3984 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:38:44.0750 3984 idsvc - ok
13:38:44.0765 3984 [ 07AD42303519A955560B5A19FE20B68F ] IISADMIN C:\WINDOWS\system32\inetsrv\inetinfo.exe
13:38:44.0765 3984 IISADMIN - ok
13:38:44.0781 3984 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
13:38:44.0781 3984 Imapi - ok
13:38:44.0796 3984 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
13:38:44.0796 3984 ImapiService - ok
13:38:44.0796 3984 ini910u - ok
13:38:44.0875 3984 [ C4006AF18682FCA0D8A011A0A21070F8 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
13:38:44.0890 3984 IntcAzAudAddService - ok
13:38:44.0906 3984 IntelIde - ok
13:38:44.0906 3984 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
13:38:44.0906 3984 intelppm - ok
13:38:44.0921 3984 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
13:38:44.0921 3984 Ip6Fw - ok
13:38:44.0937 3984 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:38:44.0937 3984 IpFilterDriver - ok
13:38:44.0953 3984 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
13:38:44.0953 3984 IpInIp - ok
13:38:44.0953 3984 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
13:38:44.0953 3984 IpNat - ok
13:38:44.0968 3984 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
13:38:44.0968 3984 IPSec - ok
13:38:44.0984 3984 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
13:38:44.0984 3984 IRENUM - ok
13:38:45.0000 3984 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
13:38:45.0000 3984 isapnp - ok
13:38:45.0046 3984 [ 5E06A9D23727DAF96FAA796F1135FDCD ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
13:38:45.0046 3984 JavaQuickStarterService - ok
13:38:45.0062 3984 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
13:38:45.0062 3984 Kbdclass - ok
13:38:45.0062 3984 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
13:38:45.0078 3984 kmixer - ok
13:38:45.0078 3984 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
13:38:45.0078 3984 KSecDD - ok
13:38:45.0093 3984 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
13:38:45.0109 3984 LanmanServer - ok
13:38:45.0125 3984 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
13:38:45.0140 3984 lanmanworkstation - ok
13:38:45.0140 3984 lbrtfdc - ok
13:38:45.0171 3984 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
13:38:45.0171 3984 LmHosts - ok
13:38:45.0187 3984 [ 0BEFA983F8B9511EADD6960DD13E9FBF ] LPDSVC C:\WINDOWS\system32\tcpsvcs.exe
13:38:45.0203 3984 LPDSVC - ok
13:38:45.0218 3984 [ A730FC8671A60666D6E877C544DD7CD4 ] LVUSBSta C:\WINDOWS\system32\drivers\lvusbsta.sys
13:38:45.0218 3984 LVUSBSta - ok
13:38:45.0218 3984 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
13:38:45.0218 3984 Messenger - ok
13:38:45.0250 3984 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
13:38:45.0250 3984 mnmdd - ok
13:38:45.0265 3984 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
13:38:45.0281 3984 mnmsrvc - ok
13:38:45.0281 3984 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
13:38:45.0281 3984 Modem - ok
13:38:45.0296 3984 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
13:38:45.0296 3984 Mouclass - ok
13:38:45.0296 3984 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
13:38:45.0296 3984 MountMgr - ok
13:38:45.0343 3984 [ E8D79312373F254DC13F3965BDB3D521 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
13:38:45.0343 3984 MozillaMaintenance - ok
13:38:45.0343 3984 mraid35x - ok
13:38:45.0359 3984 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
13:38:45.0359 3984 MRxDAV - ok
13:38:45.0390 3984 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:38:45.0390 3984 MRxSmb - ok
13:38:45.0406 3984 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
13:38:45.0406 3984 MSDTC - ok
13:38:45.0406 3984 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
13:38:45.0421 3984 Msfs - ok
13:38:45.0421 3984 MSIServer - ok
13:38:45.0421 3984 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:38:45.0421 3984 MSKSSRV - ok
13:38:45.0421 3984 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:38:45.0437 3984 MSPCLOCK - ok
13:38:45.0437 3984 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
13:38:45.0437 3984 MSPQM - ok
13:38:45.0453 3984 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
13:38:45.0453 3984 mssmbios - ok
13:38:45.0468 3984 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
13:38:45.0468 3984 MSTEE - ok
13:38:45.0484 3984 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
13:38:45.0484 3984 Mup - ok
13:38:45.0500 3984 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
13:38:45.0500 3984 NABTSFEC - ok
13:38:45.0531 3984 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
13:38:45.0531 3984 napagent - ok
13:38:45.0546 3984 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
13:38:45.0546 3984 NDIS - ok
13:38:45.0578 3984 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
13:38:45.0578 3984 NdisIP - ok
13:38:45.0578 3984 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:38:45.0578 3984 NdisTapi - ok
13:38:45.0578 3984 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:38:45.0578 3984 Ndisuio - ok
13:38:45.0593 3984 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:38:45.0593 3984 NdisWan - ok
13:38:45.0609 3984 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
13:38:45.0609 3984 NDProxy - ok
13:38:45.0609 3984 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
13:38:45.0609 3984 NetBIOS - ok
13:38:45.0625 3984 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
13:38:45.0625 3984 NetBT - ok
13:38:45.0640 3984 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
13:38:45.0640 3984 NetDDE - ok
13:38:45.0640 3984 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
13:38:45.0640 3984 NetDDEdsdm - ok
13:38:45.0656 3984 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
13:38:45.0656 3984 Netlogon - ok
13:38:45.0671 3984 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
13:38:45.0671 3984 Netman - ok
13:38:45.0718 3984 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:38:45.0718 3984 NetTcpPortSharing - ok
13:38:45.0734 3984 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
13:38:45.0734 3984 NIC1394 - ok
13:38:45.0750 3984 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
13:38:45.0765 3984 Nla - ok
13:38:45.0765 3984 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
13:38:45.0765 3984 Npfs - ok
13:38:45.0781 3984 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
13:38:45.0781 3984 Ntfs - ok
13:38:45.0781 3984 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
13:38:45.0796 3984 NtLmSsp - ok
13:38:45.0812 3984 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
13:38:45.0812 3984 NtmsSvc - ok
13:38:45.0843 3984 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
13:38:45.0843 3984 Null - ok
13:38:46.0046 3984 [ ED9816DBAF6689542EA7D022631906A1 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
13:38:46.0156 3984 nv - ok
13:38:46.0187 3984 [ A2322C6207EBB0761A6C8CC9003EBACF ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
13:38:46.0187 3984 NVSvc - ok
13:38:46.0203 3984 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
13:38:46.0218 3984 NwlnkFlt - ok
13:38:46.0218 3984 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
13:38:46.0218 3984 NwlnkFwd - ok
13:38:46.0234 3984 [ 8B8B1BE2DBA4025DA6786C645F77F123 ] NwlnkIpx C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
13:38:46.0250 3984 NwlnkIpx - ok
13:38:46.0250 3984 [ 56D34A67C05E94E16377C60609741FF8 ] NwlnkNb C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
13:38:46.0250 3984 NwlnkNb - ok
13:38:46.0265 3984 [ C0BB7D1615E1ACBDC99757F6CEAF8CF0 ] NwlnkSpx C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
13:38:46.0265 3984 NwlnkSpx - ok
13:38:46.0265 3984 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
13:38:46.0281 3984 ohci1394 - ok
13:38:46.0312 3984 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:38:46.0312 3984 ose - ok
13:38:46.0343 3984 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
13:38:46.0343 3984 Parport - ok
13:38:46.0343 3984 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
13:38:46.0343 3984 PartMgr - ok
13:38:46.0375 3984 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
13:38:46.0375 3984 ParVdm - ok
13:38:46.0390 3984 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
13:38:46.0390 3984 PCI - ok
13:38:46.0390 3984 PCIDump - ok
13:38:46.0406 3984 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
13:38:46.0406 3984 PCIIde - ok
13:38:46.0421 3984 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
13:38:46.0421 3984 Pcmcia - ok
13:38:46.0437 3984 [ 02AAAFB7BA137CE5DDABCDF8090954D9 ] pcouffin C:\WINDOWS\system32\Drivers\pcouffin.sys
13:38:46.0437 3984 pcouffin - ok
13:38:46.0437 3984 PDCOMP - ok
13:38:46.0437 3984 PDFRAME - ok
13:38:46.0453 3984 PDRELI - ok
13:38:46.0453 3984 PDRFRAME - ok
13:38:46.0453 3984 perc2 - ok
13:38:46.0453 3984 perc2hib - ok
13:38:46.0468 3984 [ 5BD2C6D982481D548107C602E7CCFBBC ] PID_0928 C:\WINDOWS\system32\DRIVERS\LV561AV.SYS
13:38:46.0468 3984 PID_0928 - ok
13:38:46.0484 3984 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
13:38:46.0484 3984 PlugPlay - ok
13:38:46.0500 3984 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
13:38:46.0500 3984 PolicyAgent - ok
13:38:46.0515 3984 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:38:46.0515 3984 PptpMiniport - ok
13:38:46.0515 3984 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
13:38:46.0531 3984 ProtectedStorage - ok
13:38:46.0531 3984 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
13:38:46.0531 3984 PSched - ok
13:38:46.0531 3984 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:38:46.0531 3984 Ptilink - ok
13:38:46.0531 3984 ql1080 - ok
13:38:46.0531 3984 Ql10wnt - ok
13:38:46.0531 3984 ql12160 - ok
13:38:46.0546 3984 ql1240 - ok
13:38:46.0546 3984 ql1280 - ok
13:38:46.0546 3984 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:38:46.0546 3984 RasAcd - ok
13:38:46.0562 3984 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
13:38:46.0562 3984 RasAuto - ok
13:38:46.0578 3984 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:38:46.0578 3984 Rasl2tp - ok
13:38:46.0593 3984 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
13:38:46.0609 3984 RasMan - ok
13:38:46.0609 3984 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:38:46.0609 3984 RasPppoe - ok
13:38:46.0609 3984 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
13:38:46.0609 3984 Raspti - ok
13:38:46.0609 3984 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:38:46.0609 3984 Rdbss - ok
13:38:46.0625 3984 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:38:46.0625 3984 RDPCDD - ok
13:38:46.0640 3984 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
13:38:46.0640 3984 rdpdr - ok
13:38:46.0656 3984 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
13:38:46.0671 3984 RDPWD - ok
13:38:46.0687 3984 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
13:38:46.0687 3984 RDSessMgr - ok
13:38:46.0703 3984 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
13:38:46.0703 3984 redbook - ok
13:38:46.0718 3984 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
13:38:46.0718 3984 RemoteAccess - ok
13:38:46.0734 3984 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
13:38:46.0734 3984 RemoteRegistry - ok
13:38:46.0765 3984 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
13:38:46.0765 3984 RpcLocator - ok
13:38:46.0796 3984 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\System32\rpcss.dll
13:38:46.0796 3984 RpcSs - ok
13:38:46.0828 3984 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
13:38:46.0843 3984 RSVP - ok
13:38:46.0843 3984 [ 89619EF503F949FAE09252A8B883EE11 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
13:38:46.0843 3984 RTLE8023xp - ok
13:38:46.0843 3984 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
13:38:46.0859 3984 SamSs - ok
13:38:46.0859 3984 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
13:38:46.0875 3984 SCardSvr - ok
13:38:46.0890 3984 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
13:38:46.0890 3984 Schedule - ok
13:38:46.0921 3984 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
13:38:46.0921 3984 Secdrv - ok
13:38:46.0937 3984 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
13:38:46.0937 3984 seclogon - ok
13:38:46.0968 3984 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
13:38:46.0968 3984 SENS - ok
13:38:46.0968 3984 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
13:38:46.0968 3984 serenum - ok
13:38:46.0968 3984 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
13:38:46.0968 3984 Serial - ok
13:38:47.0000 3984 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
13:38:47.0000 3984 Sfloppy - ok
13:38:47.0015 3984 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
13:38:47.0015 3984 SharedAccess - ok
13:38:47.0031 3984 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
13:38:47.0031 3984 ShellHWDetection - ok
13:38:47.0031 3984 Simbad - ok
13:38:47.0046 3984 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
13:38:47.0046 3984 SLIP - ok
13:38:47.0062 3984 [ 442D891CF7CB138F185FB2A1161C8AF9 ] SNMP C:\WINDOWS\System32\snmp.exe
13:38:47.0078 3984 SNMP - ok
13:38:47.0093 3984 [ 4296E52A9D3CA6DCD1CF57E8BCA45AB7 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
13:38:47.0093 3984 SNMPTRAP - ok
13:38:47.0093 3984 Sparrow - ok
13:38:47.0109 3984 [ 5D6401DB90EC81B71F8E2C5C8F0FEF23 ] speedfan C:\WINDOWS\system32\speedfan.sys
13:38:47.0109 3984 speedfan - ok
13:38:47.0140 3984 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
13:38:47.0140 3984 splitter - ok
13:38:47.0156 3984 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
13:38:47.0156 3984 Spooler - ok
13:38:47.0171 3984 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
13:38:47.0171 3984 sr - ok
13:38:47.0187 3984 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
13:38:47.0203 3984 srservice - ok
13:38:47.0218 3984 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
13:38:47.0218 3984 Srv - ok
13:38:47.0250 3984 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
13:38:47.0250 3984 SSDPSRV - ok
13:38:47.0281 3984 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
13:38:47.0296 3984 stisvc - ok
13:38:47.0328 3984 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
13:38:47.0328 3984 streamip - ok
13:38:47.0343 3984 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
13:38:47.0343 3984 swenum - ok
13:38:47.0343 3984 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
13:38:47.0359 3984 swmidi - ok
13:38:47.0359 3984 SwPrv - ok
13:38:47.0359 3984 symc810 - ok
13:38:47.0359 3984 symc8xx - ok
13:38:47.0359 3984 sym_hi - ok
13:38:47.0359 3984 sym_u3 - ok
13:38:47.0359 3984 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
13:38:47.0359 3984 sysaudio - ok
13:38:47.0421 3984 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
13:38:47.0437 3984 SysmonLog - ok
13:38:47.0453 3984 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
13:38:47.0453 3984 TapiSrv - ok
13:38:47.0484 3984 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:38:47.0484 3984 Tcpip - ok
13:38:47.0500 3984 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
13:38:47.0515 3984 TDPIPE - ok
13:38:47.0515 3984 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
13:38:47.0531 3984 TDTCP - ok
13:38:47.0546 3984 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
13:38:47.0562 3984 TermDD - ok
13:38:47.0578 3984 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
13:38:47.0578 3984 TermService - ok
13:38:47.0593 3984 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
13:38:47.0609 3984 Themes - ok
13:38:47.0625 3984 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
13:38:47.0640 3984 TlntSvr - ok
13:38:47.0640 3984 TosIde - ok
13:38:47.0640 3984 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
13:38:47.0656 3984 TrkWks - ok
13:38:47.0656 3984 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
13:38:47.0656 3984 Udfs - ok
13:38:47.0671 3984 [ E3CFD4FCE555784869A9243A71EFCB22 ] UimBus C:\WINDOWS\system32\DRIVERS\UimBus.sys
13:38:47.0671 3984 UimBus - ok
13:38:47.0687 3984 [ 5237BB4B8390325936A38B55D72C23B4 ] Uim_IM C:\WINDOWS\system32\Drivers\Uim_IM.sys
13:38:47.0687 3984 Uim_IM - ok
13:38:47.0687 3984 ultra - ok
13:38:47.0703 3984 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
13:38:47.0718 3984 Update - ok
13:38:47.0734 3984 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
13:38:47.0750 3984 upnphost - ok
13:38:47.0765 3984 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
13:38:47.0765 3984 UPS - ok
13:38:47.0781 3984 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
13:38:47.0781 3984 usbaudio - ok
13:38:47.0796 3984 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
13:38:47.0796 3984 usbccgp - ok
13:38:47.0812 3984 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:38:47.0812 3984 usbehci - ok
13:38:47.0828 3984 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:38:47.0828 3984 usbhub - ok
13:38:47.0843 3984 [ 87DA0C8162DD39F96AEA602F45CC0F7E ] Usblink C:\WINDOWS\system32\Drivers\ulink.sys
13:38:47.0859 3984 Usblink - ok
13:38:47.0875 3984 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
13:38:47.0875 3984 usbprint - ok
13:38:47.0890 3984 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:38:47.0890 3984 usbscan - ok
13:38:47.0906 3984 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:38:47.0906 3984 USBSTOR - ok
13:38:47.0906 3984 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
13:38:47.0906 3984 usbuhci - ok
13:38:47.0906 3984 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
13:38:47.0921 3984 VgaSave - ok
13:38:47.0921 3984 ViaIde - ok
13:38:47.0937 3984 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
13:38:47.0937 3984 VolSnap - ok
13:38:47.0968 3984 [ DE325918CFA9D0DA3F2466DA2EA0AAF9 ] vsdatant C:\WINDOWS\system32\vsdatant.sys
13:38:47.0984 3984 vsdatant - ok
13:38:48.0015 3984 vsmon - ok
13:38:48.0031 3984 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
13:38:48.0031 3984 VSS - ok
13:38:48.0078 3984 [ F4FAB0B9D43A65F79FC838C94006F643 ] VX1000 C:\WINDOWS\system32\DRIVERS\VX1000.sys
13:38:48.0093 3984 VX1000 - ok
13:38:48.0093 3984 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
13:38:48.0109 3984 W32Time - ok
13:38:48.0109 3984 [ 07AD42303519A955560B5A19FE20B68F ] W3SVC C:\WINDOWS\system32\inetsrv\inetinfo.exe
13:38:48.0109 3984 W3SVC - ok
13:38:48.0125 3984 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:38:48.0125 3984 Wanarp - ok
13:38:48.0125 3984 WDICA - ok
13:38:48.0125 3984 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
13:38:48.0140 3984 wdmaud - ok
13:38:48.0140 3984 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
13:38:48.0156 3984 WebClient - ok
13:38:48.0218 3984 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
13:38:48.0218 3984 winmgmt - ok
13:38:48.0234 3984 [ 6199B2AE3F9DB9CB6DB230471A1DC601 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
13:38:48.0234 3984 WmdmPmSN - ok
13:38:48.0281 3984 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
13:38:48.0281 3984 Wmi - ok
13:38:48.0296 3984 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
13:38:48.0296 3984 WmiApSrv - ok
13:38:48.0343 3984 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:38:48.0343 3984 WPFFontCache_v0400 - ok
13:38:48.0375 3984 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
13:38:48.0390 3984 wscsvc - ok
13:38:48.0390 3984 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
13:38:48.0390 3984 WSTCODEC - ok
13:38:48.0406 3984 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
13:38:48.0421 3984 wuauserv - ok
13:38:48.0437 3984 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
13:38:48.0437 3984 WZCSVC - ok
13:38:48.0453 3984 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
13:38:48.0468 3984 xmlprov - ok
13:38:48.0468 3984 ================ Scan global ===============================
13:38:48.0500 3984 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
13:38:48.0546 3984 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
13:38:48.0546 3984 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
13:38:48.0562 3984 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
13:38:48.0562 3984 [Global] - ok
13:38:48.0562 3984 ================ Scan MBR ==================================
13:38:48.0578 3984 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
13:38:48.0765 3984 \Device\Harddisk0\DR0 - ok
13:38:48.0765 3984 ================ Scan VBR ==================================
13:38:48.0765 3984 [ 1070A0906B75673917DF5054B11B5D36 ] \Device\Harddisk0\DR0\Partition1
13:38:48.0765 3984 \Device\Harddisk0\DR0\Partition1 - ok
13:38:48.0781 3984 [ E2B5074B14A74337FC2B97F85444C8ED ] \Device\Harddisk0\DR0\Partition2
13:38:48.0781 3984 \Device\Harddisk0\DR0\Partition2 - ok
13:38:48.0796 3984 [ A0FDC1BE36BFFC1A2C3276E9EAEE43D9 ] \Device\Harddisk0\DR0\Partition3
13:38:48.0796 3984 \Device\Harddisk0\DR0\Partition3 - ok
13:38:48.0812 3984 [ 3DB5211C8E8F4DF39E39E339E5E9023E ] \Device\Harddisk0\DR0\Partition4
13:38:48.0812 3984 \Device\Harddisk0\DR0\Partition4 - ok
13:38:48.0812 3984 ============================================================
13:38:48.0812 3984 Scan finished
13:38:48.0812 3984 ============================================================
13:38:48.0812 4028 Detected object count: 0
13:38:48.0812 4028 Actual detected object count: 0
13:40:00.0312 3860 Deinitialize success

[Pic]

Další:
ComboFix 12-09-03.07 - Petr 04.09.2012 13:51:52.4.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1305 [GMT 2:00]
Spuštěný z: c:\documents and settings\Petr\Plocha\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Petr\WINDOWS
c:\windows\daemon.dll
c:\windows\msmqinst.log
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\regedit.com
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\taskmgr.com
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-08-04 do 2012-09-04 )))))))))))))))))))))))))))))))
.
.
2012-09-03 16:39 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-02 21:52 . 2012-09-02 21:52 -------- d---a-w- c:\windows\rundll16.exe
2012-09-02 21:52 . 2012-09-02 21:52 -------- d---a-w- c:\windows\logo1_.exe
2012-08-29 12:40 . 2012-08-29 12:40 73696 ----a-w- c:\program files\Mozilla Firefox\breakpadinjector.dll
2012-08-27 14:15 . 2012-08-28 14:13 25992 ----a-w- c:\windows\system32\pgdfgsvc.exe
2012-08-19 12:55 . 2012-08-29 12:40 266720 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2012-08-05 21:39 . 2012-08-05 21:49 -------- d-----w- c:\documents and settings\Petr\.explorer.cache
2012-08-05 21:39 . 2012-08-05 21:39 -------- d-----w- c:\documents and settings\Petr\.explorer.local
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-21 09:13 . 2011-03-02 14:07 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2011-03-02 14:07 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2011-02-24 16:37 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2011-03-02 14:07 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-08-21 09:13 . 2011-03-02 14:07 89624 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-08-21 09:13 . 2011-03-02 14:07 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-08-21 09:13 . 2011-03-02 14:07 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:13 . 2011-03-02 14:07 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-08-21 09:12 . 2010-06-29 20:24 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2011-03-02 14:07 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-08-17 13:46 . 2012-04-04 11:11 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-17 13:46 . 2011-05-14 13:32 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-06 13:58 . 2008-04-14 06:51 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05 . 2008-09-14 11:56 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 18:21 . 2008-04-14 05:45 1875072 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:38 . 2008-04-14 06:52 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:38 . 2008-04-14 06:51 43520 ------w- c:\windows\system32\licmgr10.dll
2012-07-02 17:38 . 2008-04-14 06:52 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2008-04-14 05:50 385024 ------w- c:\windows\system32\html.iec
2012-08-29 12:40 . 2012-08-19 12:55 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DU Meter"="d:\du meter\DUMeter.exe" [2003-06-22 1297920]
"Zone Labs Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2004-11-28 902432]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 16380416]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"VX1000"="c:\windows\vVX1000.exe" [2007-04-10 709992]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"swg"=c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"DAEMON Tools-1033"="d:\d-tools\daemon.exe" -lang 1033
"NeroFilterCheck"=c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [5.1.2012 22:20 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [5.1.2012 22:20 5248]
R0 hotcore3;hotcore3;c:\windows\system32\drivers\hotcore3.sys [15.10.2008 16:39 38448]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [24.2.2011 18:37 729752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2.3.2011 16:07 355632]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2.3.2011 16:07 21256]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [15.9.2009 23:50 47360]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [25.4.2012 0:39 114144]
S3 Usblink;Usblink Driver;c:\windows\system32\drivers\ulink.sys [6.11.2008 23:46 40060]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 60634543
*Deregistered* - 60634543
.
Obsah adresáře 'Naplánované úlohy'
.
2012-09-04 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-07-03 09:12]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\34ba03i3.default\
FF - prefs.js: browser.startup.homepage - http:/www.seznam.cz
FF - prefs.js: network.proxy.type - 4
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
MSConfigStartUp-CTFMON - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-04 13:54
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
C:\avast! sandbox
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
.
Celkový čas: 2012-09-04 13:55:55
ComboFix-quarantined-files.txt 2012-09-04 11:55
.
Před spuštěním: Volných bajtů: 23 017 046 016
Po spuštění: Volných bajtů: 24 370 475 008
.
- - End Of File - - 98CC7B1B160C6D6B8BBB2BC381330058

[Pic]

Musím bohužel odjet a na netu budu až po 22 hodině.

[memphisto]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials

+ Nový log z HJT

Jak se chová PC?

[Pic]

Problém přetrvává. Zde je log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:57:21, on 4.9.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
D:\DU Meter\DUMeter.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\vVX1000.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\wscntfy.exe
C:\totalcmd\TOTALCMD.EXE
E:\STAH\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [DU Meter] D:\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 3920 bytes